CVE-2015-1858 (retired)

Priority
Description
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module
in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a
denial of service (segmentation fault and crash) and possibly execute
arbitrary code via a crafted BMP image.
Package
Upstream: needs-triage
Ubuntu 12.04 ESM (Precise Pangolin): DNE (precise was released [4:4.8.1-0ubuntu4.9])
Ubuntu 14.04 LTS (Trusty Tahr): released (4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1)
Ubuntu 16.04 LTS (Xenial Xerus): released (4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu7)
Ubuntu 18.04 LTS (Bionic Beaver): released (4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu7)
Ubuntu 18.10 (Cosmic Cuttlefish): released (4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu7)
Ubuntu 19.04 (Disco Dingo): released (4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu7)
Patches:
Upstream: https://codereview.qt-project.org/#/c/108312/
Upstream: https://qt.gitorious.org/qt/qtbase/commit/51ec7ebfe5f45d1c0a03d992e97053cac66e25fe
Package
Upstream: needs-triage
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 LTS (Trusty Tahr): released (5.2.1+dfsg-1ubuntu14.3)
Ubuntu 16.04 LTS (Xenial Xerus): not-affected (5.5.1+dfsg-16ubuntu7)
Ubuntu 18.04 LTS (Bionic Beaver): not-affected
Ubuntu 18.10 (Cosmic Cuttlefish): not-affected
Ubuntu 19.04 (Disco Dingo): not-affected
More Information

Updated: 2019-03-26 12:14:45 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)