CVE-2015-1858

Priority
Low
Description
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module
in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a
denial of service (segmentation fault and crash) and possibly execute
arbitrary code via a crafted BMP image.
References
Assigned-to
mdeslaur
Package
Upstream: needs-triage
Ubuntu 17.10 (Artful Aardvark): needed
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 LTS (Trusty Tahr): released (5.2.1+dfsg-1ubuntu14.3)
Ubuntu Core 15.04: DNE
Ubuntu 16.04 LTS (Xenial Xerus): needed
Ubuntu 17.04 (Zesty Zapus): needed
Package
Upstream: needs-triage
Ubuntu 17.10 (Artful Aardvark): released (4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu7)
Ubuntu 12.04 ESM (Precise Pangolin): DNE (precise was released [4:4.8.1-0ubuntu4.9])
Ubuntu 14.04 LTS (Trusty Tahr): released (4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1)
Ubuntu Core 15.04: DNE
Ubuntu 16.04 LTS (Xenial Xerus): released (4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu7)
Ubuntu 17.04 (Zesty Zapus): released (4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu7)
Patches:
Upstream: https://codereview.qt-project.org/#/c/108312/
Upstream: https://qt.gitorious.org/qt/qtbase/commit/51ec7ebfe5f45d1c0a03d992e97053cac66e25fe
More Information

Updated: 2017-08-11 23:17:54 UTC (commit 13081)