CVE-2016-10040

Опубликовано: 07 мар. 2017

Источник: debian

EPSS Низкий

Описание

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qt4-x11	fixed	4:4.8.7+dfsg-1		package
qt4-x11	ignored		jessie	package
qt4-x11	ignored		wheezy	package
qtbase-opensource-src	fixed	5.2.0+dfsg-7		package

Примечания

CVE assignment specific to https://www.openwall.com/lists/oss-security/2016/12/24/2
https://www.openwall.com/lists/oss-security/2016/12/24/1
https://github.com/qt/qtbase/commit/f1053d94f59f053ce4acad9320df14f1fbe4faac

EPSS

Процентиль: 77%

0.01068

Низкий

Связанные уязвимости

CVE-2016-10040

CVSS3: 5.5

ubuntu

почти 9 лет назад

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.

CVE-2016-10040

CVSS3: 3.7

redhat

около 9 лет назад

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.

CVE-2016-10040

CVSS3: 5.5

nvd

почти 9 лет назад

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.

SUSE-SU-2018:1902-1

suse-cvrf

больше 7 лет назад

Security update for libqt4

GHSA-6ppq-w2qp-6rhq

CVSS3: 5.5

github

больше 3 лет назад

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.

EPSS

Процентиль: 77%

0.01068

Низкий