PT-2019-5885 · Qt Company+4 · Qt+4

Publicado

2019-10-23

Atualizado

2021-05-06

CVE-2019-18281

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Qt qtbase versions 5.11.x through 5.12.4

Description The issue is related to an out-of-bounds memory access in the generateDirectionalRuns() function. This can be exploited by attackers to cause a denial of service, crashing an application via a text file containing many directional characters. The vulnerability can be exploited remotely, allowing an attacker to cause a denial of service.

Recommendations For Qt qtbase versions 5.11.x through 5.12.4, update to version 5.12.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of text files containing directional characters to minimize the risk of exploitation.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

BDU:2021-03592

CESA-2020_1665

CVE-2019-18281

DSA-4556-1

MGASA-2019-0356

OESA-2021-1158

RHSA-2020:1665

RHSA-2020_1665

RLSA-2020:1665

USN-4275-1

Produtos afetados

Centos

Red Hat

Rocky Linux

Ubuntu

PT-2019-5885 · Qt Company+4 · Qt+4

CVE-2019-18281

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 84