CVE Vulnerabilities

CVE-2014-3755

Published: Nov 16, 2014 | Modified: Nov 17, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The QSvg module in Qt, as used in the Mumble client 1.2.x before 1.2.6, allows remote attackers to cause a denial of service (hang and resource consumption) via a local file reference in an (1) image tag or (2) XML stylesheet in an SVG file.

Affected Software

Name Vendor Start Version End Version
Mumble Mumble 1.2.0 1.2.0
Mumble Mumble 1.2.3 1.2.3
Mumble Mumble 1.2.2 1.2.2
Mumble Mumble 1.2.4 1.2.4
Mumble Mumble 1.2.3 1.2.3
Mumble Mumble 1.2.3 1.2.3
Mumble Mumble 1.2.4 1.2.4
Mumble Mumble * 1.2.5
Mumble Mumble 1.2.4 1.2.4
Mumble Mumble 1.2.3 1.2.3
Mumble Mumble 1.2.1 1.2.1

References