Your submission was sent successfully! Close

CVE-2016-10040

Published: 7 March 2017

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
qt4-x11
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(4:4.8.7+dfsg-7ubuntu1)
cosmic Not vulnerable
(4:4.8.7+dfsg-7ubuntu1)
disco Not vulnerable
(4:4.8.7+dfsg-7ubuntu1)
eoan Not vulnerable
(4:4.8.7+dfsg-7ubuntu1)
focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise Does not exist
(precise was needs-triage)
trusty Needed

upstream
Released (4.8.7)
xenial Not vulnerable
(4:4.8.7+dfsg-5ubuntu2)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)
qtbase-opensource-src
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(5.9.5+dfsg-0ubuntu1)
cosmic Not vulnerable
(5.11.1+dfsg-7ubuntu1)
disco Not vulnerable
(5.11.3+dfsg-2ubuntu1)
eoan Not vulnerable
(5.11.3+dfsg-2ubuntu1)
focal Not vulnerable
(5.11.3+dfsg-2ubuntu1)
groovy Not vulnerable
(5.11.3+dfsg-2ubuntu1)
hirsute Not vulnerable
(5.11.3+dfsg-2ubuntu1)
impish Not vulnerable
(5.11.3+dfsg-2ubuntu1)
jammy Not vulnerable
(5.11.3+dfsg-2ubuntu1)
precise Does not exist

trusty Does not exist
(trusty was not-affected [5.2.1+dfsg-1ubuntu14.3])
upstream Needs triage

xenial Not vulnerable
(5.5.1+dfsg-16ubuntu7.5)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)