[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-9488Date: (C)2015-04-16   (M)2023-12-22


The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
FEDORA-2015-9357
MDVSA-2015:199
http://advisories.mageia.org/MGASA-2015-0139.html
https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html
openSUSE-SU-2015:0595

CPE    2
cpe:/o:opensuse:opensuse:13.1
cpe:/a:gnu:less
CWE    1
CWE-119
OVAL    3
oval:org.secpod.oval:def:89000174
oval:org.secpod.oval:def:109177
oval:org.secpod.oval:def:109157

© SecPod Technologies