CVE-2016-10040

Priority
Description
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote
attackers to cause a denial of service (application crash) via an XML file
with multiple nested open tags.
Package
Upstream: released (4.8.7)
Ubuntu 12.04 ESM (Precise Pangolin): DNE (precise was needs-triage)
Ubuntu 14.04 LTS (Trusty Tahr): needed
Ubuntu 16.04 LTS (Xenial Xerus): not-affected (4:4.8.7+dfsg-5ubuntu2)
Ubuntu 18.04 LTS (Bionic Beaver): not-affected (4:4.8.7+dfsg-7ubuntu1)
Ubuntu 18.10 (Cosmic Cuttlefish): not-affected (4:4.8.7+dfsg-7ubuntu1)
Ubuntu 19.04 (Disco Dingo): not-affected (4:4.8.7+dfsg-7ubuntu1)
Patches:
Upstream: https://codereview.qt-project.org/#/c/71010/
Package
Upstream: needs-triage
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 LTS (Trusty Tahr): not-affected (5.2.1+dfsg-1ubuntu14.3)
Ubuntu 16.04 LTS (Xenial Xerus): not-affected (5.5.1+dfsg-16ubuntu7.5)
Ubuntu 18.04 LTS (Bionic Beaver): not-affected (5.9.5+dfsg-0ubuntu1)
Ubuntu 18.10 (Cosmic Cuttlefish): not-affected (5.11.1+dfsg-7ubuntu1)
Ubuntu 19.04 (Disco Dingo): not-affected (5.11.3+dfsg-2ubuntu1)
More Information

Updated: 2019-01-15 19:14:20 UTC (commit 63aa72dc976a3fa6bf15e81432589c4c64197c9f)