FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

qt4-imageformats, qt5-gui -- DoS vulnerability in the GIF image handler

Affected packages
qt4-imageformats < 4.8.6_1
qt5-gui < 5.2.1_4

Details

VuXML ID 904d78b8-0f7e-11e4-8b71-5453ed2e2b49
Discovery 2014-04-24
Entry 2014-07-19
Modified 2014-07-21

Richard J. Moore reports:

The builtin GIF decoder in QtGui prior to Qt 5.3 contained a bug that would lead to a null pointer dereference when loading certain hand crafted corrupt GIF files. This in turn would cause the application loading these hand crafted GIFs to crash.

References

Bugtraq ID 67087
CVE Name CVE-2014-0190
Message http://lists.qt-project.org/pipermail/announce/2014-April/000045.html