Chris Evans has reported a vulnerability in the Qt library that can potentially be exploited by malicious people to compromise a user's system.
The vulnerability is caused by boundary errors in the "read_dib()" function when handling 8-bit RLE encoded BMP files. An overly long length mark can be used to cause a heap-based buffer overflow.
Successful exploitation may allow execution of arbitrary code, and is possible via any application that uses the Qt library to display or decode BMP files.
NOTE: Some NULL pointer dereference errors within the handlers for XPM, GIF, and JPEG images can also be exploited to cause a DoS (Denial of Service).
The vulnerability affects version 3.3.2 and prior.
Solution: Update to version 3.3.3.
Provided and/or discovered by: Chris Evans
Original Advisory: http://scary.beasts.org/security/CESA-2004-004.txt