[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-1858Date: (C)2015-06-08   (M)2023-12-22


Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-74309
FEDORA-2015-6114
FEDORA-2015-6123
FEDORA-2015-6252
FEDORA-2015-6315
FEDORA-2015-6364
GLSA-201603-10
USN-2626-1
http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
https://codereview.qt-project.org/#/c/108312/

CPE    4
cpe:/o:fedoraproject:fedora:20
cpe:/o:fedoraproject:fedora:21
cpe:/o:fedoraproject:fedora:22
cpe:/a:digia:qt
...
CWE    1
CWE-119
OVAL    7
oval:org.secpod.oval:def:702587
oval:org.secpod.oval:def:108796
oval:org.secpod.oval:def:108774
oval:org.secpod.oval:def:108788
...

© SecPod Technologies