CVE-2014-3755 Information

Description

The QSvg module in Qt as used in the Mumble client 1.2.x before 1.2.6 allows remote attackers to cause a denial of service (hang and resource consumption) via a local file reference in an (1) image tag or (2) XML stylesheet in an SVG file.

Reference

http://mumble.info/security/Mumble-SA-2014-005.txt http://www.openwall.com/lists/oss-security/2014/05/15/1 http://www.openwall.com/lists/oss-security/2014/05/15/4 http://www.securityfocus.com/bid/67400 https://qt.gitorious.org/qt/mumble-developers-qt/commit/2147fa767980fe27a14f018b1528dbf880b96814