Описание
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
A memory corruption flaw was found in the way Qt handled certain Icon (ICO) files. If a user loaded a specially crafted ICO image file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | qt | Not affected | ||
| Red Hat Enterprise Linux 5 | qt4 | Will not fix | ||
| Red Hat Enterprise Linux 6 | qt | Will not fix | ||
| Red Hat Enterprise Linux 6 | qt3 | Not affected | ||
| Red Hat Enterprise Linux 7 | qt | Will not fix | ||
| Red Hat Enterprise Linux 7 | qt3 | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.1 Medium
CVSS2
Связанные уязвимости
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp ...
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
EPSS
5.1 Medium
CVSS2