CVE-2014-0190

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-0190
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html Third Party Advisory
http://lists.qt-project.org/pipermail/announce/2014-April/000045.html Vendor Advisory
http://www.securityfocus.com/bid/67087 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2626-1 Third Party Advisory
https://bugs.kde.org/show_bug.cgi?id=333404 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
History

16 Jun 2021, 13:39

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-476
CPE cpe:2.3:a:digia:qt:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.4.2:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.7.6:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.8.4:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.6.5:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.8.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.7.5:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.8.2:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.8.5:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.4.3:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.7.4:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.7.6:rc:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.6.5:rc:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.7.3:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.7.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.8.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:*:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.8.3:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.7.0:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.6.4:*:*:*:*:*:*:*
cpe:2.3:a:digia:qt:4.3.3:*:*:*:*:*:*:*		 cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
References (SUSE) http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html - (SUSE) http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html - Third Party Advisory
References (UBUNTU) http://www.ubuntu.com/usn/USN-2626-1 - (UBUNTU) http://www.ubuntu.com/usn/USN-2626-1 - Third Party Advisory
References (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html - (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html - Third Party Advisory
References (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html - (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html - Third Party Advisory
References (CONFIRM) https://bugs.kde.org/show_bug.cgi?id=333404 - (CONFIRM) https://bugs.kde.org/show_bug.cgi?id=333404 - Issue Tracking, Third Party Advisory
References (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html - (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html - Third Party Advisory
References (BID) http://www.securityfocus.com/bid/67087 - (BID) http://www.securityfocus.com/bid/67087 - Third Party Advisory, VDB Entry
Information

Published : 2014-05-08 14:29

Updated : 2024-02-04 18:35

NVD link : CVE-2014-0190

Mitre link : CVE-2014-0190

CVE.ORG link : CVE-2014-0190

JSON object : View

Products Affected

fedoraproject

  • fedora

canonical

  • ubuntu_linux

qt

  • qt

opensuse

  • opensuse
CWE
CWE-476

NULL Pointer Dereference