oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Mumble 1.2.6: Mumble-SA-2014-005 and Mumble-SA-2014-006

From: cve-assign () mitre org
Date: Wed, 14 May 2014 23:17:22 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


  Mumble-SA-2014-005  [http://mumble.info/security/Mumble-SA-2014-005.txt]
    - SVG images with local file references could trigger client DoS



    Qt's QSvg module's SVG renderer will follow file references
    found in SVG's image tag and XML stylesheet references.

    For image tags, Qt tries to load the referenced file using
    QImage's constructor that takes a file path. Further processing
    is then delegated to an image format plugin.

    For XML stylsheets, Qt will attempt to open the referenced
    file using QFile followed by a call to the readAll(), which
    will read the file until EOF.

    These two possibilities makes it easy to cause a Mumble client
    to hang


Use CVE-2014-3755.



  Mumble-SA-2014-006  [http://mumble.info/security/Mumble-SA-2014-006.txt]
    - The Mumble client did not properly HTML-escape some external strings
       before using them in a rich-text (HTML) context.



       By default, many Qt widgets sniff their text content to
       determine whether or not to use to render the text as HTML.
       However, in some places, the Mumble client neglected to
       properly escape external strings when used rich-text enabled
       Qt widgets.


Use CVE-2014-3756.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTdDFtAAoJEKllVAevmvmsEJkIAIU2hoalUJixp8Wmpyqg0SvI
t12IioHB0evU+BbyuOVDFdIUDD4KMo8OuKtMZGlvX1SWdgTUbhQo0wZ/3potGmjs
c7Df8+RZD3Zp8Ajn550vv/3mG1kQc+TPDOoBiiaDDpIErH39SPL1rHzUTIMm7GXD
BH3iOdsmS8PgO76pM3RLwAo07hlvvkPdXl4C0BqL7Ng6vJ2bCgdYLcYRQaVrPsbb
ZrZR4SUxAQ0U+/9zOz7LMMZB3oAwfTaqviqONMWZuxdENlNgzlESr3Y5lFtgkwVT
l3dHzZvcODnZcgbj7aCGAAh7gbaE4NmqiZkQA7q9xeVopl+8zg5eTZq6bNF+4zk=
=8lvm
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: