CVE-2018-19869

Published: Dic 26, 2018 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2018-11543 Aliases: GSD-2018-19869
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
MEDIUM 4,3
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial

Description

AI Translation Available

An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0068
Percentile
0,7th
Updated

EPSS Score Trend (Last 91 Days)

20

Improper Input Validation

Stable
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Confidentiality Integrity
Potential Impacts:
Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Read Memory Read Files Or Directories Modify Memory Execute Unauthorized Code Or Commands
Applicable Platforms
Technologies: AI/ML
Likelihood of Exploit: High
View CWE Details
Application

Qt by Qt

Product Information
Vendor Qt
Product Qt
Version Range Affected
To 5.11.3 (exclusive)
cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Leap by Opensuse

Product Information
Vendor Opensuse
Product Leap
Version 15.0
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
http://lists.opensuse.org/opensuse-security-announce/2019-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2020-0…
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00057.html
http://lists.opensuse.org/opensuse-security-announce/2020-0…
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00071.html
http://lists.opensuse.org/opensuse-security-announce/2020-0…
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00073.html
http://lists.opensuse.org/opensuse-security-announce/2020-0…
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00090.html
https://access.redhat.com/errata/RHSA-2019:2135
https://access.redhat.com/errata/RHSA-2019:2135
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-impor…
Release Notes Vendor Advisory
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-update…
https://codereview.qt-project.org/#/c/234142/
Issue Tracking Patch Vendor Advisory
https://codereview.qt-project.org/#/c/234142/
https://lists.debian.org/debian-lts-announce/2019/05/msg000…
https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html
https://lists.debian.org/debian-lts-announce/2020/09/msg000…
https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html
https://lists.debian.org/debian-lts-announce/2020/10/msg000…
https://lists.debian.org/debian-lts-announce/2020/10/msg00035.html
http://lists.opensuse.org/opensuse-security-announce/2019-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2020-0…
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00057.html
http://lists.opensuse.org/opensuse-security-announce/2020-0…
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00071.html
http://lists.opensuse.org/opensuse-security-announce/2020-0…
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00073.html
http://lists.opensuse.org/opensuse-security-announce/2020-0…
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00090.html
https://access.redhat.com/errata/RHSA-2019:2135
https://access.redhat.com/errata/RHSA-2019:2135
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-impor…
Release Notes Vendor Advisory
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-update…
https://codereview.qt-project.org/#/c/234142/
Issue Tracking Patch Vendor Advisory
https://codereview.qt-project.org/#/c/234142/
https://lists.debian.org/debian-lts-announce/2019/05/msg000…
https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html
https://lists.debian.org/debian-lts-announce/2020/09/msg000…
https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html
https://lists.debian.org/debian-lts-announce/2020/10/msg000…
https://lists.debian.org/debian-lts-announce/2020/10/msg00035.html