Описание
The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service (hang and resource consumption) via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the (1) user or (2) channel name in a Qt dialog, (3) subject common name or (4) email address to the Certificate Wizard, or (5) server name in a tooltip.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.2.6-1 |
| esm-apps/xenial | not-affected | 1.2.6-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.2.4-0.2ubuntu1.1]] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| saucy | ignored | end of life |
| trusty | released | 1.2.4-0.2ubuntu1.1 |
| trusty/esm | DNE | trusty was released [1.2.4-0.2ubuntu1.1] |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service (hang and resource consumption) via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the (1) user or (2) channel name in a Qt dialog, (3) subject common name or (4) email address to the Certificate Wizard, or (5) server name in a tooltip.
The client in Mumble 1.2.x before 1.2.6 allows remote attackers to for ...
The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service (hang and resource consumption) via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the (1) user or (2) channel name in a Qt dialog, (3) subject common name or (4) email address to the Certificate Wizard, or (5) server name in a tooltip.
5 Medium
CVSS2