DEBIAN-CVE-2015-0295

DEBIAN-CVE-2015-0295 PUBLISHED CVSS 8.699999809265137 HIGH

The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Debian:13	qtbase-opensource-src	0, 0, 0
Debian:14	qtbase-opensource-src	0, 0, 0
Debian:12	qtbase-opensource-src	0, 0, 0
Debian:11	qtbase-opensource-src	0, 0, 0

Timeline

Mar 25, 2015 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2015-0295 advisory

Open in Interactive Console →