Search for vulnerabilities
Vulnerability details: VCID-8n9m-64hw-aaaj
Vulnerability ID VCID-8n9m-64hw-aaaj
Aliases CVE-2011-3194
Summary Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the TIFFTAG_SAMPLESPERPIXEL tag in a greyscale TIFF image with multiple samples per pixel.
Status Published
Exploitability 0.5
Weighted Severity 8.4
Risk 4.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2011:1323
rhas Moderate https://access.redhat.com/errata/RHSA-2011:1328
epss 0.04660 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04660 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04660 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04660 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.04915 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05131 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.05681 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.07519 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
epss 0.10529 https://api.first.org/data/v1/epss?cve=CVE-2011-3194
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=733119
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2011-3194
Reference id Reference type URL
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066209.html
http://lists.opensuse.org/opensuse-updates/2011-10/msg00007.html
http://lists.opensuse.org/opensuse-updates/2011-10/msg00008.html
http://rhn.redhat.com/errata/RHSA-2011-1323.html
http://rhn.redhat.com/errata/RHSA-2011-1328.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3194.json
https://api.first.org/data/v1/epss?cve=CVE-2011-3194
https://bugzilla.novell.com/show_bug.cgi?id=637275
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194
http://secunia.com/advisories/46128
http://secunia.com/advisories/46140
http://secunia.com/advisories/46187
http://secunia.com/advisories/46371
http://secunia.com/advisories/46410
http://secunia.com/advisories/49383
http://secunia.com/advisories/49895
http://security.gentoo.org/glsa/glsa-201206-02.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/69975
https://hermes.opensuse.org/messages/12056605
https://qt.gitorious.org/qt/qt/commit/cb6380beb81ab9571c547270c144988781fed465
http://www.openwall.com/lists/oss-security/2011/08/22/6
http://www.openwall.com/lists/oss-security/2011/08/24/8
http://www.osvdb.org/75653
http://www.securityfocus.com/bid/49724
http://www.ubuntu.com/usn/USN-1504-1
641738 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641738
733119 https://bugzilla.redhat.com/show_bug.cgi?id=733119
cpe:2.3:a:qt:qt:4.7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qt:qt:4.7.4:*:*:*:*:*:*:*
CVE-2011-3194 https://nvd.nist.gov/vuln/detail/CVE-2011-3194
GLSA-201206-02 https://security.gentoo.org/glsa/201206-02
RHSA-2011:1323 https://access.redhat.com/errata/RHSA-2011:1323
RHSA-2011:1328 https://access.redhat.com/errata/RHSA-2011:1328
USN-1504-1 https://usn.ubuntu.com/1504-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2011-3194
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.92489
EPSS Score 0.04660
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.