PT-2014-1913 · Qt Company+2 · Qt+3

Published

2014-05-08

Updated

2021-06-16

CVE-2014-0190

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Qt versions prior to 5.3 QtGui versions prior to 4.8.5-r2

Description The issue concerns a denial of service caused by a NULL pointer dereference in the GIF decoder of QtGui in Qt. This can be triggered by remote attackers sending a GIF image with invalid width and height values. The exploitation of this issue may lead to a disruption in the availability of protected information and can be carried out remotely.

Recommendations For Qt versions prior to 5.3, update to version 5.3 or later to resolve the issue. For QtGui versions prior to 4.8.5-r2, update to version 4.8.5-r2 or later to resolve the issue.

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2014-1709

ALT-PU-2014-1710

ALT-PU-2014-1711

ALT-PU-2014-1712

ALT-PU-2014-1713

ALT-PU-2014-1714

ALT-PU-2014-1715

ALT-PU-2014-1716

ALT-PU-2014-1717

ALT-PU-2014-1718

ALT-PU-2014-1719

ALT-PU-2014-1720

ALT-PU-2014-1721

ALT-PU-2014-1722

ALT-PU-2014-1725

ALT-PU-2014-1726

BDU:2015-09779

CVE-2014-0190

MGASA-2014-0240

MGASA-2014-0241

MGASA-2014-0263

USN-2626-1

Affected Products

Alt Linux

Qtgui

Ubuntu

PT-2014-1913 · Qt Company+2 · Qt+3

CVE-2014-0190

Weakness Enumeration

Related Identifiers

Affected Products

References · 59