Trolltech Qt GIF Image QGifHandler NULL Pointer Dereference Segmentation Fault Vulnerability



A vulnerability in the QGifHandler component of Trolltech Qt could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.

The vulnerability is due to improper processing of GIF image files by the affected software. An attacker could exploit this vulnerability by persuading a user to access a GIF image file that submits malicious input to the targeted system. A successful exploit could trigger a QImage allocation failure in the QGifHandler component that causes the affected software to crash, resulting in a DoS condition.

Trolltech has confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2018-19870

Source:: Cisco Multivendor Vulnerability Alerts