Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2014-3618 - CERT CVE
CVE-2014-3618
ID
CVE-2014-3618
Sažetak
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."
Reference
http://www.openwall.com/lists/oss-security/2014/09/03/8
http://www.debian.org/security/2014/dsa-3019
http://www.ubuntu.com/usn/USN-2340-1
http://www.securityfocus.com/bid/69573
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00022.html
http://rhn.redhat.com/errata/RHSA-2014-1172.html
https://support.apple.com/HT205267
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
http://secunia.com/advisories/61108
http://secunia.com/advisories/61090
http://secunia.com/advisories/61076
http://linux.oracle.com/errata/ELSA-2014-1172.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/95688
CVSS
Base:
7.5
Impact:
6.4
Exploitability:
10.0
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
PARTIAL
PARTIAL
PARTIAL
CVSS vektor
AV:N/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje
13-02-2023 - 00:41
Objavljeno
08-09-2014 - 14:55
