Fluid Attacks Database

Description

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	qtbase-opensource-src	>=0 <5.2.0+dfsg-7	5.2.0+dfsg-7
debian 13	qtbase-opensource-src	>=0 <5.2.0+dfsg-7	5.2.0+dfsg-7
debian 11	qtbase-opensource-src	>=0 <5.2.0+dfsg-7	5.2.0+dfsg-7
debian 12	qtbase-opensource-src	>=0 <5.2.0+dfsg-7	5.2.0+dfsg-7
rpm rhel6	qt	-	-
rpm rhel7	qt	-	-
rpm rhel5	qt4	-	-
rpm rhel6	qt3	-	-
rpm rhel7	qt3	-	-
rpm rhel7	qt5-qtbase	-	-

1-10 of 11

Aliases

1. CVE-2016-100402. NVD-2016-100403. OSV-DEBIAN-2016-100404. OSV-2016-100405. SECURITY-TRACKER-CVE-2016-10040

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.