CVE-2014-0190

The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
qtqt
𝑥
< 5.3.0
opensuseopensuse
13.1
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
14.10
canonicalubuntu_linux
15.04
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
qt4-x11
vivid
not-affected
utopic
not-affected
trusty
Fixed 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1
released
saucy
ignored
quantal
ignored
precise
Fixed 4:4.8.1-0ubuntu4.9
released
lucid
ignored
qtbase-opensource-src
vivid
not-affected
utopic
not-affected
trusty
Fixed 5.2.1+dfsg-1ubuntu14.3
released
saucy
ignored
quantal
dne
precise
dne
lucid
dne
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html
http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html
http://lists.qt-project.org/pipermail/announce/2014-April/000045.html
http://www.securityfocus.com/bid/67087
http://www.ubuntu.com/usn/USN-2626-1
https://bugs.kde.org/show_bug.cgi?id=333404
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html
http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html
http://lists.qt-project.org/pipermail/announce/2014-April/000045.html
http://www.securityfocus.com/bid/67087
http://www.ubuntu.com/usn/USN-2626-1
https://bugs.kde.org/show_bug.cgi?id=333404