PT-2017-7316 · Qt+2 · Qt5-Qtwebkit+2

Vasyl Kaigorodov

Published

2014-12-18

Updated

2021-08-31

CVE-2015-8079

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions qt5-qtwebkit versions prior to 5.4

Description The issue concerns the recording of private browsing URLs in the favicon database, WebpageIcons.db. This affects the privacy of users' browsing history.

Recommendations For qt5-qtwebkit versions prior to 5.4, consider clearing the WebpageIcons.db database to remove recorded private browsing URLs. As a temporary workaround, restrict access to the favicon database to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

ALT-PU-2014-2467

CVE-2015-8079

SUSE-SU-2016:2397-1

SUSE-SU-2016_2397-1

Affected Products

Alt Linux

Suse

Qt5-Qtwebkit

PT-2017-7316 · Qt+2 · Qt5-Qtwebkit+2

CVE-2015-8079

Weakness Enumeration

Related Identifiers

Affected Products

References · 22