Описание
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu7 |
| esm-infra-legacy/trusty | released | 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 |
| lucid | ignored | end of life |
| precise | released | 4:4.8.1-0ubuntu4.9 |
| trusty | released | 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 |
| trusty/esm | released | 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 |
| upstream | needs-triage | |
| utopic | released | 4:4.8.6+git49-gbc62005+dfsg-1ubuntu1.1 |
| vivid | released | 4:4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu6.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 5.4.1+dfsg-2ubuntu3 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [5.2.1+dfsg-1ubuntu14.3]] |
| lucid | DNE | |
| precise | DNE | |
| trusty | released | 5.2.1+dfsg-1ubuntu14.3 |
| trusty/esm | DNE | trusty was released [5.2.1+dfsg-1ubuntu14.3] |
| upstream | released | 5.4.1+dfsg-2 |
| utopic | released | 5.3.0+dfsg-2ubuntu9.1 |
| vivid | not-affected | 5.4.1+dfsg-2ubuntu3 |
| vivid/stable-phone-overlay | released | 5.4.1+dfsg-2ubuntu11~vivid1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
The BMP decoder in QtGui in QT before 5.5 does not properly calculate ...
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
EPSS
5 Medium
CVSS2