CVE-2014-0190

EUVD-2014-0242
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
Affected Products (NVD)
VendorProductVersion
qtqt
𝑥
< 5.3.0
opensuseopensuse
13.1
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
14.10
canonicalubuntu_linux
15.04
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
qt4-x11
lucid
ignored
precise
Fixed 4:4.8.1-0ubuntu4.9
released
quantal
ignored
saucy
ignored
trusty
Fixed 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1
released
utopic
not-affected
vivid
not-affected
qtbase-opensource-src
lucid
dne
precise
dne
quantal
dne
saucy
ignored
trusty
Fixed 5.2.1+dfsg-1ubuntu14.3
released
utopic
not-affected
vivid
not-affected
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html
http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html
http://lists.qt-project.org/pipermail/announce/2014-April/000045.html
http://www.securityfocus.com/bid/67087
http://www.ubuntu.com/usn/USN-2626-1
https://bugs.kde.org/show_bug.cgi?id=333404
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html
http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html
http://lists.qt-project.org/pipermail/announce/2014-April/000045.html
http://www.securityfocus.com/bid/67087
http://www.ubuntu.com/usn/USN-2626-1
https://bugs.kde.org/show_bug.cgi?id=333404