Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201603-10
HistoryMar 12, 2016 - 12:00 a.m.

QtGui: Multiple vulnerabilities

2016-03-1200:00:00
Gentoo Foundation
security.gentoo.org
13

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.042 Low

EPSS

Percentile

92.1%

JSON

Background

QtGui is the GUI module and platform plugins for the Qt framework

Description

Multiple buffer overflow vulnerabilities have been discovered in QtGui. It is possible for remote attackers to construct specially crafted BMP, ICO, or GIF images that lead to buffer overflows. After successfully overflowing the buffer the remote attacker can then cause a Denial of Service or execute arbitrary code.

Impact

A remote attacker could possibly execute arbitrary code or cause Denial of Service.

Workaround

There is no known work around at this time.

Resolution

All QtGui 4.8 users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-qt/qtgui-4.8.6-r4"

All QtGui 5.4 users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-qt/qtgui-5.4.1-r1"
OSVersionArchitecturePackageVersionFilename
Gentooanyalldev-qt/qtgui< 5.4.1-r1UNKNOWN

Related

fedora 10
nessus 20
openvas 20
mageia 1
freebsd 1
securityvulns 2
slackware 1
ubuntu 1
debian 1
osv 1
debiancve 3
cve 3
prion 3
ubuntucve 3
fedora
fedora
[SECURITY] Fedora 22 Update: qt3-3.3.8b-63.fc22
2015-04-24 22:48:40
[SECURITY] Fedora 22 Update: qt5-qtbase-5.4.1-9.fc22
2015-04-21 19:11:45
[SECURITY] Fedora 22 Update: qt-4.8.6-28.fc22
2015-04-23 16:10:14
nessus
nessus
Fedora 22 : qt3-3.3.8b-63.fc22 (2015-6613)
2015-04-27 00:00:00
Fedora 20 : qt5-qtbase-5.4.1-9.fc20 (2015-6315)
2015-04-27 00:00:00
Fedora 21 : qt-4.8.6-28.fc21 (2015-6252)
2015-05-04 00:00:00
openvas
openvas
Fedora Update for qt FEDORA-2015-6123
2015-07-07 00:00:00
Mageia: Security Advisory (MGASA-2015-0198)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201603-10
2016-03-14 00:00:00
mageia
mageia
Updated qt3 qt4 & qtbase5 packages fix security vulnerabilities
2015-05-06 19:44:10
freebsd
freebsd
qt4-imageformats, qt4-gui, qt5-gui -- Multiple Vulnerabilities in Qt Image Format Handling
2015-04-12 00:00:00
securityvulns
securityvulns
qt multiple security vulnerabilities
2015-05-05 00:00:00
[slackware-security] qt &#40;SSA:2015-111-13&#41;
2015-05-05 00:00:00
slackware
slackware
[slackware-security] qt
2015-04-22 01:24:32
ubuntu
ubuntu
Qt vulnerabilities
2015-06-03 00:00:00
debian
debian
[SECURITY] [DLA 210-1] qt4-x11 security update
2015-04-30 11:59:25
osv
osv
qt4-x11 - security update
2015-04-30 00:00:00
debiancve
debiancve
CVE-2015-1858
2015-05-12 19:59:00
CVE-2015-1859
2015-05-12 19:59:00
CVE-2015-1860
2015-05-12 19:59:00
cve
cve
CVE-2015-1860
2015-05-12 19:59:00
CVE-2015-1859
2015-05-12 19:59:00
CVE-2015-1858
2015-05-12 19:59:00
prion
prion
Buffer overflow
2015-05-12 19:59:00
Buffer overflow
2015-05-12 19:59:00
Buffer overflow
2015-05-12 19:59:00
ubuntucve
ubuntucve
CVE-2015-1860
2015-05-12 00:00:00
CVE-2015-1859
2015-05-12 00:00:00
CVE-2015-1858
2015-05-12 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.042 Low

EPSS

Percentile

92.1%

JSON
Related for GLSA-201603-10
fedora10nessus20openvas20mageia1freebsd1securityvulns2slackware1ubuntu1debian1osv1debiancve3cve3prion3ubuntucve3