UBUNTU-CVE-2013-4549

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2013-4549

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-4549.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2013-4549

Related

CVE-2013-4549
USN-2057-1

Published

2013-12-05T00:00:00Z

Modified

2013-12-05T00:00:00Z

Summary

[none]

Details

QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.

References

Affected packages

Ubuntu:14.04:LTS / qt4-x11

Package

Name: qt4-x11
Purl: pkg:deb/ubuntu/qt4-x11@4:4.8.4+dfsg-0ubuntu20?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.8.4+dfsg-0ubuntu20

Affected versions

4:4.*

4:4.8.4+dfsg-0ubuntu18

4:4.8.4+dfsg-0ubuntu19

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libqt4-script": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-sql-mysql": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-declarative-folderlistmodel": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-opengl-dev": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-linguist-tools": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-dev-tools": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-dbg": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-network": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-gui": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-sql-tds": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-scripttools": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-default": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-doc-html": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-test": "4:4.8.4+dfsg-0ubuntu20",
            "qdbus": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-designer-dbg": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-qt3support-dbg": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-qt3support": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-qtconfig": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-sql": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-svg": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-demos-dbg": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-bin-dbg": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-qmake": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-dev": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-sql-odbc": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-dev-bin": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-assistant": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-help": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-sql-sqlite": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-webkit": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-script-dbg": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-qmlviewer": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-declarative-gestures": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-designer": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-sql-psql": "4:4.8.4+dfsg-0ubuntu20",
            "libqtcore4": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-declarative-shaders": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-xml": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-declarative": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-core": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-demos": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-declarative-particles": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-webkit-dbg": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-xmlpatterns": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-xmlpatterns-dbg": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-doc": "4:4.8.4+dfsg-0ubuntu20",
            "libqtgui4": "4:4.8.4+dfsg-0ubuntu20",
            "qt4-designer": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-opengl": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-dbus": "4:4.8.4+dfsg-0ubuntu20",
            "libqt4-private-dev": "4:4.8.4+dfsg-0ubuntu20"
        }
    ]
}

Ubuntu:14.04:LTS / qtbase-opensource-src

Package

Name: qtbase-opensource-src
Purl: pkg:deb/ubuntu/qtbase-opensource-src@5.0.2+dfsg1-7ubuntu13?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.0.2+dfsg1-7ubuntu13

Affected versions

5.*

5.0.2+dfsg1-7ubuntu11

5.0.2+dfsg1-7ubuntu12

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libqt5test5": "5.0.2+dfsg1-7ubuntu13",
            "libqt5widgets5": "5.0.2+dfsg1-7ubuntu13",
            "qtbase5-doc-html": "5.0.2+dfsg1-7ubuntu13",
            "libqt5sql5-odbc": "5.0.2+dfsg1-7ubuntu13",
            "libqt5concurrent5": "5.0.2+dfsg1-7ubuntu13",
            "libqt5network5": "5.0.2+dfsg1-7ubuntu13",
            "qtbase5-examples-dbg": "5.0.2+dfsg1-7ubuntu13",
            "libqt5opengl5-dev": "5.0.2+dfsg1-7ubuntu13",
            "qtbase5-examples": "5.0.2+dfsg1-7ubuntu13",
            "libqt5sql5-sqlite": "5.0.2+dfsg1-7ubuntu13",
            "libqt5sql5-tds": "5.0.2+dfsg1-7ubuntu13",
            "qt5-default": "5.0.2+dfsg1-7ubuntu13",
            "qtbase5-private-dev": "5.0.2+dfsg1-7ubuntu13",
            "qtbase5-dev-tools": "5.0.2+dfsg1-7ubuntu13",
            "libqt5sql5": "5.0.2+dfsg1-7ubuntu13",
            "qtbase5-dev": "5.0.2+dfsg1-7ubuntu13",
            "libqt5printsupport5": "5.0.2+dfsg1-7ubuntu13",
            "libqt5xml5": "5.0.2+dfsg1-7ubuntu13",
            "libqt5dbus5": "5.0.2+dfsg1-7ubuntu13",
            "libqt5core5": "5.0.2+dfsg1-7ubuntu13",
            "qt5-qmake": "5.0.2+dfsg1-7ubuntu13",
            "libqt5sql5-psql": "5.0.2+dfsg1-7ubuntu13",
            "qtbase5-doc": "5.0.2+dfsg1-7ubuntu13",
            "libqt5gui5": "5.0.2+dfsg1-7ubuntu13",
            "qtbase5-dbg": "5.0.2+dfsg1-7ubuntu13",
            "libqt5opengl5": "5.0.2+dfsg1-7ubuntu13",
            "qtbase5-dev-tools-dbg": "5.0.2+dfsg1-7ubuntu13",
            "libqt5sql5-mysql": "5.0.2+dfsg1-7ubuntu13"
        }
    ]
}

Ubuntu:Pro:14.04:LTS / phantomjs

Package

Name: phantomjs
Purl: pkg:deb/ubuntu/phantomjs@1.9.0-1ubuntu0.1~esm1?arch=src?distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.9.0-1ubuntu0.1~esm1

Affected versions

1.*

1.9.0-1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "phantomjs": "1.9.0-1ubuntu0.1~esm1",
            "phantomjs-dbgsym": "1.9.0-1ubuntu0.1~esm1"
        }
    ]
}