CVE-2010-2621
Title: Digia Qt Denial of Service (DoS)
DoS
Proof Of Concept
PoC Available for CVE-2010-2621
CWE Category
CWE-20
Published Date
Jul 02, 2010
Modified Date
Apr 29, 2026
Exploit Status
Available
Score
5.0
CVSS v2.0
Exploit Probability (EPSS)
12.00%
Vulnerability Summary
CVE-2010-2621: The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.
Impacted Vendors
Reference Links
http://aluigi.org/adv/qtsslame-adv.txt
http://aluigi.org/poc/qtsslame.zip
http://osvdb.org/65860
http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597
http://secunia.com/advisories/40389
http://secunia.com/advisories/46410
http://www.securityfocus.com/bid/41250
http://www.vupen.com/english/advisories/2010/1657
https://hermes.opensuse.org/messages/12056605
http://aluigi.org/adv/qtsslame-adv.txt
http://aluigi.org/poc/qtsslame.zip
http://osvdb.org/65860
http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597
http://secunia.com/advisories/40389
http://secunia.com/advisories/46410
http://www.securityfocus.com/bid/41250
http://www.vupen.com/english/advisories/2010/1657
https://hermes.opensuse.org/messages/12056605
CVSS v2.0
Source Entity
[email protected]
Severity
MEDIUM
5.0
Access Vector
N/A
Authentication
N/A
RAW VECTOR
AV:N/AC:L/Au:N/C:N/I:N/A:P
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2010-2621 Exploits & PoCs (Proof Of Concept)
Exploit-DB
https://www.exploit-db.com/exploits/14268
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data or affected products updated.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
N/A
Complexity
N/A
Privileges
N/A
Interaction
NONE
CVSS Vector String
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected Stack
No specific products linked.