FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

qt4-imageformats, qt5-gui -- DoS vulnerability in the GIF image handler

Affected packages
qt4-imageformats < 4.8.6_1
qt5-gui < 5.2.1_4

Details

VuXML ID 904d78b8-0f7e-11e4-8b71-5453ed2e2b49
Discovery 2014-04-24
Entry 2014-07-19
Modified 2014-07-21

Richard J. Moore reports:

The builtin GIF decoder in QtGui prior to Qt 5.3 contained a bug that would lead to a null pointer dereference when loading certain hand crafted corrupt GIF files. This in turn would cause the application loading these hand crafted GIFs to crash.

[source]

References

Bugtraq ID 67087
CVE Name CVE-2014-0190
Message http://lists.qt-project.org/pipermail/announce/2014-April/000045.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.