QtWeb Internet Browser 2.0 (build 043) Remote Denial of Service Exploit (smile)
Title: QtWeb Internet Browser 2.0 (build 043) Remote Denial of Service Exploit (smile)
Advisory ID: ZSL-2009-4911
Type: Remote
Impact: DoS
Risk: (3/5)
Release Date: 01.04.2009
[2] http://www.securityfocus.com/bid/34327
[3] http://xforce.iss.net/xforce/xfdb/49602
[14.04.2010] - Added reference [3]
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2009-4911
Type: Remote
Impact: DoS
Risk: (3/5)
Release Date: 01.04.2009
Summary
QtWeb is compact, portable and secure web browser having some unique UI and privacy features. QtWeb is an open source project based on Nokia's Qt framework (former Trolltech) and Apple's WebKit rendering engine (the same as being used in Apple Safari and Google Chrome).Description
QtWeb browser is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users.Vendor
QtWeb - http://www.qtweb.netAffected Version
2.0 (build 043)Tested On
Microsoft Windows XP Professional SP2 (English)Vendor Status
N/APoC
qtweb_dos.plCredits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] http://packetstormsecurity.org/filedesc/qtweb-dos.txt.html[2] http://www.securityfocus.com/bid/34327
[3] http://xforce.iss.net/xforce/xfdb/49602
Changelog
[01.04.2009] - Initial release[14.04.2010] - Added reference [3]
Contact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
