Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8154

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-8154
Last Modified 28 Jan 2015 11:11:49
Published 27 Jan 2015 03:59:12
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-8154

Summary

The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger a heap-based buffer overflow.

Vulnerable Systems

Operating System

  • Novell Opensuse 13.2

Application

  • Gnome Vala 0.26.0

  • Gnome Vala 0.26.1


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=1181404

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=1177840

SUSE - openSUSE-SU-2015:0131


Last Updated: 27 May 2016 11:07:38