PT-2015-5474 · Qt Company+3 · Qt+3

Fabian Vogt

+1

·

Publicado

2014-06-27

·

Atualizado

2021-06-16

·

CVE-2015-1858

CVSS v2.0

6.8

Média

VetorAV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Qt versions prior to 4.8.7 Qt 5.x versions prior to 5.4.2
Description The issue is related to multiple buffer overflows in the gui/image/qbmphandler.cpp file within the QtBase module. This can be exploited by remote attackers using a crafted BMP image, potentially leading to a denial of service (segmentation fault and crash) and possibly allowing the execution of arbitrary code.
Recommendations For Qt versions prior to 4.8.7, update to version 4.8.7 or later. For Qt 5.x versions prior to 5.4.2, update to version 5.4.2 or later.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2014-1826
ALT-PU-2014-1827
ALT-PU-2014-1828
ALT-PU-2014-1829
ALT-PU-2014-1830
ALT-PU-2014-1831
ALT-PU-2014-1832
ALT-PU-2014-1833
ALT-PU-2014-1834
ALT-PU-2014-1835
ALT-PU-2014-1836
ALT-PU-2014-1837
ALT-PU-2014-1838
ALT-PU-2014-1839
ALT-PU-2014-1840
ALT-PU-2014-1841
ALT-PU-2014-1842
ALT-PU-2014-1843
ALT-PU-2014-1844
ALT-PU-2014-2468
ALT-PU-2015-1468
ALT-PU-2015-1496
ALT-PU-2015-1498
ALT-PU-2015-1499
ALT-PU-2015-1500
ALT-PU-2015-1504
ALT-PU-2015-1508
ALT-PU-2015-1509
ALT-PU-2015-1510
ALT-PU-2015-1511
ALT-PU-2015-1512
ALT-PU-2015-1513
ALT-PU-2015-1514
ALT-PU-2015-1515
ALT-PU-2015-1516
ALT-PU-2015-1517
ALT-PU-2015-1518
ALT-PU-2015-1519
ALT-PU-2015-1520
ALT-PU-2015-1521
ALT-PU-2015-1522
CVE-2015-1858
DLA-210-1
MGASA-2015-0198
OPENSUSE-SU-2024:10180-1
SUSE-SU-2015:0977-1
SUSE-SU-2015:1359-1
SUSE-SU-2015:1383-1
USN-2626-1

Produtos afetados

Alt Linux
Qt
Suse
Ubuntu