Denial of service vulnerability in the BMP decoder in QtGui in QT via a crafted BMP file
|ID: oval:org.secpod.oval:def:24041||Date: (C)2015-04-07 (M)2018-05-13|
|Class: VULNERABILITY||Family: unix|
The host is installed with QT through 3.3.6-26 on Red Hat Enterprise Linux 5, through 4.6.2-28 on Red Hat Enterprise Linux 6, and 4.8.5-8 on Red Hat Enterprise Linux 7 and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly calculate the masks used to extract the color components. Successful exploitation allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
|Red Hat Enterprise Linux 5|
|Red Hat Enterprise Linux 6|
|Red Hat Enterprise Linux 7|