Описание
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qt4-x11 | fixed | 4:4.8.6+git64-g5dc8b2b+dfsg-3 | package | |
| qt4-x11 | no-dsa | wheezy | package | |
| qtbase-opensource-src | fixed | 5.4.1+dfsg-2 | experimental | package |
| qtbase-opensource-src | fixed | 5.3.2+dfsg-5 | package | |
| qtbase-opensource-src | fixed | 5.3.2+dfsg-4+deb8u1 | jessie | package |
Примечания
http://lists.qt-project.org/pipermail/announce/2015-February/000059.html
EPSS
Связанные уязвимости
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
EPSS