PT-2018-3711 · Qt Company+7 · Qt+7

Than Ngothan

Publicado

2018-07-13

Atualizado

2020-09-28

CVE-2018-19872

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Qt version 5.11

Description A issue in Qt 5.11 allows a remote attacker to cause a denial of service using a malformed PPM image, which results in a division by zero and a crash in the qppmhandler.cpp component.

Recommendations For Qt version 5.11, as a temporary workaround, consider disabling the handling of PPM images until a patch is available. Restrict access to the qppmhandler.cpp component to minimize the risk of exploitation. Avoid using the PPM image handling functionality in Qt until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Divide By Zero

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-369

Identificadores relacionados

ALSA-2020:1665

ALT-PU-2019-2558

ALT-PU-2019-2583

BDU:2021-03458

CESA-2020_1172

CESA-2020_1665

CVE-2018-19872

DLA-2376-1

DLA-2377-1

MGASA-2019-0161

OPENSUSE-SU-2019:1239-1

OPENSUSE-SU-2019_1239-1

RHSA-2020:1172

RHSA-2020:1665

RHSA-2020_1172

RHSA-2020_1665

RLSA-2020:1665

SUSE-SU-2019:0927-1

SUSE-SU-2020:0317-1

SUSE-SU-2020:0318-1

SUSE-SU-2020:0319-1

USN-4275-1

Produtos afetados

Alt Linux

Almalinux

Centos

Red Hat

Rocky Linux

Suse

Ubuntu

PT-2018-3711 · Qt Company+7 · Qt+7

CVE-2018-19872

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 141