CVE-2009-1690

Name of the Vulnerable Software and Affected Versions libqt4-sql-sqlite2 (affected versions not specified) libqt4-webkit (affected versions not specified) libqt4-designer (affected versions not specified) libqt4-opengl (affected versions not specified) kdelibs5-dev (affected versions not specified) libqt4-script (affected versions not specified) libqt4-dbus (affected versions not specified) libqt4-assistant (affected versions not specified) kdelibs5 (affected versions not specified) libqt4-sql-sqlite (affected versions not specified) libqt4-sql-ibase (affected versions not specified) libqt4-network (affected versions not specified) libqt4-opengl-dev (affected versions not specified) libqt4-sql-psql (affected versions not specified) libqt4-xmlpatterns (affected versions not specified) libqt4-sql (affected versions not specified) libqt4-gui (affected versions not specified) libqt4-sql-mysql (affected versions not specified) qt4-designer (affected versions not specified) kdelibs-bin (affected versions not specified) libqt4-xmlpatterns-dbg (affected versions not specified) libqt4-core (affected versions not specified) libqt4-dev (affected versions not specified) kdelibs5-data (affected versions not specified) qt4-demos (affected versions not specified) qt4-dev-tools (affected versions not specified) qt4-doc (affected versions not specified) libqt4-dbg (affected versions not specified) libqt4-xml (affected versions not specified) libqt4-test (affected versions not specified) libqt4-qt3support (affected versions not specified) libqt4-sql-odbc (affected versions not specified) libqt4-webkit-dbg (affected versions not specified) libqt4-svg (affected versions not specified) kdelibs5-dbg (affected versions not specified) qt4-doc-html (affected versions not specified)

Description The issue involves multiple vulnerabilities in various packages of the Debian GNU/Linux operating system, including libqt4-sql-sqlite2, libqt4-webkit, and others. These vulnerabilities can be exploited remotely, potentially leading to a breach of confidentiality, integrity, and availability of protected information. The exploitation can result in arbitrary code execution or denial of service due to memory corruption and application crashes. The vulnerabilities are related to recursion in certain DOM event handlers and can be triggered by setting an unspecified property of an HTML tag, causing child elements to be freed and later accessed when an HTML error occurs.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.