Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 271866 - dev-qt/qtwebkit XML nested A infinite loop (CVE-2009-1233)
Summary: dev-qt/qtwebkit XML nested A infinite loop (CVE-2009-1233)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-05-30 11:36 UTC by Robert Buchholz (RETIRED)
Modified: 2013-09-12 22:22 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2009-05-30 11:36:50 UTC
CVE-2009-1233 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1233):
  Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to
  cause a denial of service (application crash) via an XML document
  containing many nested A elements.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2009-05-30 11:38:03 UTC
could reproduce an infinite loop on 4.4.2-r1.
Comment 2 Johannes Huber gentoo-dev 2012-03-28 11:10:59 UTC
Is this reproducible with current lowest stable version =x11-libs/qt-webkit-4.6.3-r1 in tree?
Comment 3 Johannes Huber gentoo-dev 2012-07-09 11:50:57 UTC
(In reply to comment #2)
> Is this reproducible with current lowest stable version
> =x11-libs/qt-webkit-4.6.3-r1 in tree?

Ping. 

=x11-libs/qt-webkit-4.6* is removed from tree. Lowest stable version in tree is now =x11-libs/qt-webkit-4.7.4. Is this still reproducible?
Comment 4 Tim Sammut (RETIRED) gentoo-dev 2012-08-16 05:32:53 UTC
(In reply to comment #3)
> =x11-libs/qt-webkit-4.6* is removed from tree. Lowest stable version in tree
> is now =x11-libs/qt-webkit-4.7.4. Is this still reproducible?

Not sure. There is a (safe-looking) exploit here if you're able to test.

http://downloads.securityfocus.com/vulnerabilities/exploits/34318.py
Comment 5 Davide Pesavento gentoo-dev 2012-10-16 14:22:47 UTC
Could *not* reproduce the crash with qt-webkit-4.8.2 (latest stable), I tried with both www-client/qupzilla and www-client/rekonq
Comment 6 Michael Palimaka (kensington) gentoo-dev 2013-03-09 16:35:24 UTC
I believe there's nothing further for the Qt team to do:

* The issue was not able to be reproduced with a stable version of qtwebkit
* I was not able to locate any other information suggesting that the bug affected webkit products other than safari
* I could not locate any other Linux distribution tracking the CVE in question (other than to say it does not apply to them)

Please feel free to re-CC us if you disagree or require something further from us.
Comment 7 Chris Reffett (RETIRED) gentoo-dev Security 2013-09-12 22:22:12 UTC
All affected versions are gone from tree. Closing as discussed with keytoaster. No GLSA for you.