PT-2015-4563 · Qt Company+3 · Qt+3

Fabian Vogt

Published

2015-03-12

Updated

2024-06-15

CVE-2015-0295

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Qt versions prior to 5.5

Description The issue concerns a flaw in the BMP decoder within QtGui in Qt, where it fails to correctly calculate masks for extracting color components. This flaw can be exploited by remote attackers using a specially crafted BMP file, leading to a denial of service through a divide-by-zero error that causes the application to crash.

Recommendations For versions prior to 5.5, update to version 5.5 or later to resolve the issue.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

ALT-PU-2015-1496

ALT-PU-2015-1498

ALT-PU-2015-1499

ALT-PU-2015-1500

ALT-PU-2015-1504

ALT-PU-2015-1508

ALT-PU-2015-1509

ALT-PU-2015-1510

ALT-PU-2015-1511

ALT-PU-2015-1512

ALT-PU-2015-1513

ALT-PU-2015-1514

ALT-PU-2015-1515

ALT-PU-2015-1516

ALT-PU-2015-1517

ALT-PU-2015-1518

ALT-PU-2015-1519

ALT-PU-2015-1520

ALT-PU-2015-1521

ALT-PU-2015-1522

CVE-2015-0295

DLA-210-1

MGASA-2015-0105

OPENSUSE-SU-2024:10180-1

OPENSUSE-SU-2024:10287-1

OPENSUSE-SU-2024:10456-1

SUSE-SU-2015:0977-1

SUSE-SU-2015:1359-1

SUSE-SU-2015:1383-1

SUSE-SU-2015_0977-1

SUSE-SU-2015_1359-1

SUSE-SU-2015_1383-1

USN-2626-1

Affected Products

Alt Linux

Suse

Ubuntu

PT-2015-4563 · Qt Company+3 · Qt+3

CVE-2015-0295

Weakness Enumeration

Related Identifiers

Affected Products

References · 82