CVE-2019-18281
qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp
Public Exploits: 0
Exploited in Wild: -
Descriptions
An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.
It was discovered that Qt incorrectly handled certain PPM images. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Qt incorrectly handled certain text files. If a user or automated system were tricked into opening a specially crafted text file, a remote attacker could cause Qt to crash, resulting in a denial of service. This issue only affected Ubuntu 19.10. Various other issues were also addressed.
Timeline
- 2019-10-23 CVE Reserved
- 2019-10-23 CVE Published
- 2024-08-05 CVE Updated
- 2025-04-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
References (8)
URL | Tag | Date |
---|---|---|
https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1848784 | Issue Tracking | |
https://seclists.org/bugtraq/2019/Nov/4 | Mailing List | |
https://codereview.qt-project.org/c/qt/qtbase/+/271889 | | 2020-02-18 |
https://security.gentoo.org/glsa/202003-60 | | 2020-02-18 |
https://usn.ubuntu.com/4275-1 | | 2020-02-18 |
https://www.debian.org/security/2019/dsa-4556 | | 2020-02-18 |
https://access.redhat.com/security/cve/CVE-2019-18281 | | 2020-04-29 |
https://bugzilla.redhat.com/show_bug.cgi?id=1764742 | | 2020-04-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Qt | Qtbase | >= 5.11.0 <= 5.11.3 | - | Affected |
Qt | Qtbase | >= 5.12.0 < 5.12.5 | - | Affected |
Debian | Debian Linux | 9.0 | - | Affected |
Debian | Debian Linux | 10.0 | - | Affected |