CVE-2012-5624

NameCVE-2012-5624
DescriptionThe XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs695156

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
qt4-x11sourcesqueeze(not affected)
qt4-x11source(unstable)4:4.8.2+dfsg-7695156

Notes

[squeeze] - qt4-x11 <not-affected> (Vulnerable code not present)
http://lists.qt-project.org/pipermail/announce/2012-November/000014.html
Search for package or bug name: Reporting problems