25 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-0295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a...
RHEL 4 : qt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - QT: BMP image handler crash CVE-2015-0295 Note that Nessus has not tested for this issue but has instead relied on...
Debian: Security Advisory (DLA-210-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1959
Software: qt 4.8.7 OS: Cobalt 7.9 CVE-ID: CVE-2014-0190 CVE-Crit: HIGH CVE-DESC: The GIF decoder in QtGui in Qt before version 5.3 allows remote attackers to cause a denial of service dereferencing a NULL pointer via invalid width and height values in a GIF image. CVE-STATUS: default CVE-REV:...
SUSE: Security Advisory (SUSE-SU-2015:1359-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2019-2656)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : libqt5-qtbase (SUSE-SU-2015:1383-1)
This security update fixes the following issues : - Add libqt5-Fix-a-division-by-zero-processing-malformed-BMP.p atch - QTBUG-44547, bsc921999 CVE-2015-0295 - Add libqt5-Fixes-crash-in-bmp-and-ico-image-decoding.patch - bsc927806 CVE-2015-1858, bsc927807 CVE-2015-1859 - Add...
SUSE SLED12 / SLES12 Security Update : libqt4 (SUSE-SU-2015:1359-1)
The libqt4 library was updated to fix several security and non security issues. The following vulnerabilities were fixed : - bsc921999: CVE-2015-0295: division by zero when processing malformed BMP files - bsc927806: CVE-2015-1858: segmentation fault in BMP Qt Image Format Handling - bsc927807:...
Fedora Update for mingw-qt5-qtbase FEDORA-2015-6932
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for qt FEDORA-2015-2866
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2015:0977-1 Security update for libqt4
The libqt4 library was updated to fix several security issues: CVE-2015-0295: Division by zero when processing malformed BMP files. bsc921999 CVE-2015-1858: Segmentation fault in BMP Qt Image Format Handling. bsc927806 CVE-2015-1859: Segmentation fault in ICO Qt Image Format Handling. bsc927807...
Fedora Update for mingw-qt5-qtbase FEDORA-2015-6925
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : mingw-qt5-qtbase-5.4.1-2.fc22 (2015-6932)
Fix CVE-2015-0295, CVE-2015-1858, CVE-2015-1859 and CVE-2015-1860 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Debian DLA-210-1 : qt4-x11 security update
This update fixes multiple security issues in the Qt library. CVE-2013-0254 The QSharedMemory class uses weak permissions world-readable and world-writable for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by readin...
DLA-210-1 qt4-x11 - security update
Bulletin has no description...
Fedora Update for qt5-qtbase FEDORA-2015-6315
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] qt
New qt packages are available for Slackware 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/qt-4.8.6-i486-1slack14.1.txz: Upgraded. Fixed issues with BMP, ICO, and GIF handling that could lead to a denial of service or the...
Slackware 14.1 / current : qt (SSA:2015-111-13)
New qt packages are available for Slackware 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-111-13. The text itself is copyright C Slackware...
CVE-2015-0295
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...
CVE-2015-0295
CVE-2015-0295 affects the BMP decoding path in QtGui (Qt before 5.5). The BMP decoder fails to correctly calculate color masks, enabling a crafted BMP file to trigger a divide-by-zero and crash (remote denial of service). Connected sources (e.g., Qt/QtBase advisories and multiple Nessus entries) ...