Unrated severityNVD Advisory· Published May 12, 2015· Updated May 6, 2026
CVE-2015-1858
CVE-2015-1858
Description
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.
Affected products
12cpe:2.3:a:qt:qt:5.0.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:qt:qt:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- lists.fedoraproject.org/pipermail/package-announce/2015-April/155927.htmlnvdPatchThird Party Advisory
- lists.qt-project.org/pipermail/announce/2015-April/000067.htmlnvdPatchVendor Advisory
- codereview.qt-project.orgnvdPatch
- lists.fedoraproject.org/pipermail/package-announce/2015-April/155424.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-April/155962.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-April/155976.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-April/156727.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/74309nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2626-1nvd
- security.gentoo.org/glsa/201603-10nvd
News mentions
0No linked articles in our index yet.