Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libqt4-declarative-particles-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-script": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-linguist-tools-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-declarative-folderlistmodel": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-declarative-gestures-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-mysql-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-odbc-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-linguist-tools": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-dev-tools": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-dbg": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-network": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-qmake-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-designer-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-tds": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-default": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-doc-html": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qdbus": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-qt3support-dbg": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qtcore4-l10n": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-help-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqtgui4": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-doc": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-dev": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-opengl-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-designer-dbg": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-odbc": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-webkit-dbg": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-webkit": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqtcore4": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-xml-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-qmlviewer": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-declarative-gestures": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-psql": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-declarative-shaders": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-declarative-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-psql-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqtdbus4-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-declarative-particles": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-declarative-folderlistmodel-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-designer": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-qt3support-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-dev-bin-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-opengl-dev": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-mysql": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-qtconfig-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqtgui4-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-gui": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-scripttools": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-test": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-scripttools-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-qt3support": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-qtconfig": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-demos-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-svg": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-demos-dbg": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-bin-dbg": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-sqlite-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-xmlpatterns-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-declarative-shaders-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-dev-bin": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-assistant": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-help": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-sqlite": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qdbus-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-script-dbg": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqtcore4-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-qmake": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-designer": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-script-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-test-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqtdbus4": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-xml": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-demos": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-core": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-sql-tds-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-declarative": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-dev-tools-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-qmlviewer-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-xmlpatterns-dbg": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-xmlpatterns": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-network-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-opengl": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-svg-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-dbus": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "libqt4-private-dev": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1", "qt4-designer-dbgsym": "4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libqt5test5": "5.2.1+dfsg-1ubuntu14.3", "libqt5widgets5": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-doc-html": "5.2.1+dfsg-1ubuntu14.3", "libqt5dbus5-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-odbc": "5.2.1+dfsg-1ubuntu14.3", "libqt5concurrent5": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-private-dev-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5network5": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-examples-dbg": "5.2.1+dfsg-1ubuntu14.3", "libqt5opengl5-dev": "5.2.1+dfsg-1ubuntu14.3", "libqt5xml5-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-examples": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-sqlite": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-tds": "5.2.1+dfsg-1ubuntu14.3", "libqt5gui5-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5widgets5-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-mysql-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5opengl5-dev-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5core5a": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-sqlite-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "qt5-qmake-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-dev-tools": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-dev": "5.2.1+dfsg-1ubuntu14.3", "libqt5opengl5-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-private-dev": "5.2.1+dfsg-1ubuntu14.3", "libqt5printsupport5": "5.2.1+dfsg-1ubuntu14.3", "libqt5xml5": "5.2.1+dfsg-1ubuntu14.3", "libqt5dbus5": "5.2.1+dfsg-1ubuntu14.3", "qt5-default": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-psql-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-dev-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5core5a-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "qt5-qmake": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-dev-tools-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-psql": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-examples-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5gui5": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-dbg": "5.2.1+dfsg-1ubuntu14.3", "libqt5network5-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5opengl5": "5.2.1+dfsg-1ubuntu14.3", "qtbase5-dev-tools-dbg": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-tds-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5test5-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-mysql": "5.2.1+dfsg-1ubuntu14.3", "libqt5printsupport5-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5concurrent5-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "qt5-default-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-odbc-dbgsym": "5.2.1+dfsg-1ubuntu14.3", "libqt5sql5-dbgsym": "5.2.1+dfsg-1ubuntu14.3" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libqt5test5": "5.5.1+dfsg-16ubuntu7", "libqt5widgets5": "5.5.1+dfsg-16ubuntu7", "qtbase5-doc-html": "5.5.1+dfsg-16ubuntu7", "libqt5dbus5-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-odbc": "5.5.1+dfsg-16ubuntu7", "libqt5concurrent5": "5.5.1+dfsg-16ubuntu7", "qtbase5-private-dev-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5network5": "5.5.1+dfsg-16ubuntu7", "qtbase5-examples-dbg": "5.5.1+dfsg-16ubuntu7", "libqt5opengl5-dev": "5.5.1+dfsg-16ubuntu7", "libqt5xml5-dbgsym": "5.5.1+dfsg-16ubuntu7", "qtbase5-examples": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-sqlite": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-tds": "5.5.1+dfsg-16ubuntu7", "libqt5gui5-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5widgets5-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-mysql-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5opengl5-dev-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5core5a": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-sqlite-dbgsym": "5.5.1+dfsg-16ubuntu7", "qt5-qmake-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5libqgtk2-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5sql5": "5.5.1+dfsg-16ubuntu7", "qtbase5-dev": "5.5.1+dfsg-16ubuntu7", "libqt5opengl5-dbgsym": "5.5.1+dfsg-16ubuntu7", "qtbase5-dev-tools": "5.5.1+dfsg-16ubuntu7", "libqt5printsupport5": "5.5.1+dfsg-16ubuntu7", "libqt5xml5": "5.5.1+dfsg-16ubuntu7", "libqt5dbus5": "5.5.1+dfsg-16ubuntu7", "qt5-qmake-arm-linux-gnueabihf": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-psql-dbgsym": "5.5.1+dfsg-16ubuntu7", "qtbase5-private-dev": "5.5.1+dfsg-16ubuntu7", "qt5-default": "5.5.1+dfsg-16ubuntu7", "libqt5libqgtk2": "5.5.1+dfsg-16ubuntu7", "qtbase5-dev-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5core5a-dbgsym": "5.5.1+dfsg-16ubuntu7", "qt5-qmake": "5.5.1+dfsg-16ubuntu7", "qt5-qmake-arm-linux-gnueabihf-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-psql": "5.5.1+dfsg-16ubuntu7", "qtbase5-dev-tools-dbgsym": "5.5.1+dfsg-16ubuntu7", "qtbase5-examples-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5gui5": "5.5.1+dfsg-16ubuntu7", "qtbase5-dbg": "5.5.1+dfsg-16ubuntu7", "libqt5network5-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5opengl5": "5.5.1+dfsg-16ubuntu7", "qtbase5-dev-tools-dbg": "5.5.1+dfsg-16ubuntu7", "libqt5printsupport5-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5test5-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-mysql": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-odbc-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5concurrent5-dbgsym": "5.5.1+dfsg-16ubuntu7", "qt5-default-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-dbgsym": "5.5.1+dfsg-16ubuntu7", "libqt5sql5-tds-dbgsym": "5.5.1+dfsg-16ubuntu7" } ] }