QtWeb Internet Browser 2.0 (build 043) Remote Denial of Service Exploit (smile)

Title: QtWeb Internet Browser 2.0 (build 043) Remote Denial of Service Exploit (smile)
Advisory ID: ZSL-2009-4911
Type: Remote
Impact: DoS
Risk: (3/5)
Release Date: 01.04.2009
Summary
QtWeb is compact, portable and secure web browser having some unique UI and privacy features. QtWeb is an open source project based on Nokia's Qt framework (former Trolltech) and Apple's WebKit rendering engine (the same as being used in Apple Safari and Google Chrome).
Description
QtWeb browser is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
Vendor
QtWeb - http://www.qtweb.net
Affected Version
2.0 (build 043)
Tested On
Microsoft Windows XP Professional SP2 (English)
Vendor Status
N/A
PoC
qtweb_dos.pl
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://packetstormsecurity.org/filedesc/qtweb-dos.txt.html
[2] http://www.securityfocus.com/bid/34327
[3] http://xforce.iss.net/xforce/xfdb/49602
Changelog
[01.04.2009] - Initial release
[14.04.2010] - Added reference [3]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk