Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-1859

Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.

Related bugs and status

CVE-2015-1859 (Candidate) is related to these bugs:

Bug #1436215: Separate GTK2 dependency from libqt5gui5

Summary				In	Importance	Status
	1436215	Separate GTK2 dependency from libqt5gui5		qtbase-opensource-src (Ubuntu)	Wishlist	Fix Released
	1436215	Separate GTK2 dependency from libqt5gui5		qtbase-opensource-src (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securityfoc...
MISC: http://www.securityfoc...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: https://security.gento...
MISC: http://www.ubuntu.com/...
MISC: http://lists.qt-projec...