Unrated severityNVD Advisory· Published May 12, 2015· Updated Jun 17, 2026
CVE-2015-1859
CVE-2015-1859
Description
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
29cpe:2.3:a:qt:qt:5.0.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:qt:qt:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qt:5.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
- osv-coords17 versionspkg:rpm/suse/libqt4-devel-doc&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/libqt4-devel-doc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/libqt4-devel-doc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012pkg:rpm/suse/libqt5-qtbase&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/libqt5-qtbase&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/libqt5-qtbase&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/libqt5-qtbase&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
< 4.8.6-4.6+ 16 more
- (no CPE)range: < 4.8.6-4.6
- (no CPE)range: < 4.8.6-4.6
- (no CPE)range: < 4.8.6-4.6
- (no CPE)range: < 4.8.6-4.2
- (no CPE)range: < 4.8.6-4.2
- (no CPE)range: < 4.8.6-4.2
- (no CPE)range: < 4.8.6-4.2
- (no CPE)range: < 4.8.6-4.2
- (no CPE)range: < 4.8.6-4.1
- (no CPE)range: < 4.8.6-4.1
- (no CPE)range: < 4.8.6-4.1
- (no CPE)range: < 4.8.6-4.1
- (no CPE)range: < 4.8.6-4.1
- (no CPE)range: < 5.3.1-4.4.2
- (no CPE)range: < 5.3.1-4.4.2
- (no CPE)range: < 5.3.1-4.4.2
- (no CPE)range: < 5.3.1-4.4.2
Patches
Vulnerability mechanics
References
10- lists.fedoraproject.org/pipermail/package-announce/2015-April/155927.htmlnvdPatchThird Party Advisory
- lists.qt-project.org/pipermail/announce/2015-April/000067.htmlnvdPatchVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-April/155424.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-April/155962.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-April/155976.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-April/156727.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/74307nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/74310nvd
- www.ubuntu.com/usn/USN-2626-1nvd
- security.gentoo.org/glsa/201603-10nvd
News mentions
0No linked articles in our index yet.