PT-2008-1527 · Trolltech · Qt

Published: 2008-01-08 · Updated: 2011-03-08 · CVE-2007-5965

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Trolltech Qt versions 4.3.0 through 4.3.2

Description

The issue is related to the QSslSocket component in Trolltech Qt, which does not properly verify SSL certificates. This could allow remote attackers to trick a user into accepting an invalid server certificate for a spoofed service, or trick a service into accepting an invalid client certificate for a user.

Recommendations

For versions 4.3.0 through 4.3.2, consider updating to a version in which the QSslSocket component properly verifies SSL certificates. The available data does not identify the specific fixed version, and at the moment there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

CVE-2007-5965

Affected Products

Qt