CVE-CVE-2007-5965 | UNKNOWN Severity | CVEDatabase.com

Description

QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which might make it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service, or trick a service into accepting an invalid client certificate for a user.

CVSS Metrics

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Access Vector: network
Access Cmplx: medium
Auth: none
Confidentiality: none
Integrity: partial
Availability: none
Weaknesses: CWE-264

Metadata

Primary Vendor: TROLLTECH
Published: 1/8/2008
Last Modified: 4/9/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

trolltech : qsslsockettrolltech : qsslsockettrolltech : qsslsocket

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD