2017-10-16 12:31:07 -04:00
{
2019-03-17 23:46:31 +00:00
"CVE_data_meta" : {
2020-02-20 04:01:05 +00:00
"ASSIGNER" : "secalert@redhat.com" ,
2019-03-17 23:46:31 +00:00
"ID" : "CVE-2014-3484" ,
2020-02-20 04:01:05 +00:00
"STATE" : "PUBLIC"
2019-03-17 23:46:31 +00:00
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2020-02-20 04:01:05 +00:00
"value" : "Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Buffer Overflow"
}
]
}
]
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "n/a" ,
"product" : {
"product_data" : [
{
"product_name" : "musl libc" ,
"version" : {
"version_data" : [
{
"version_value" : "1.1x before 1.1.2"
} ,
{
"version_value" : "0.9.13 through 1.0.3"
}
]
}
}
]
}
}
]
}
} ,
"references" : {
"reference_data" : [
{
"refsource" : "MISC" ,
"name" : "http://seclists.org/oss-sec/2014/q2/495" ,
"url" : "http://seclists.org/oss-sec/2014/q2/495"
} ,
{
"refsource" : "MISC" ,
"name" : "http://git.musl-libc.org/cgit/musl/commit/?id=b3d9e0b94ea73c68ef4169ec82c898ce59a4e30a" ,
"url" : "http://git.musl-libc.org/cgit/musl/commit/?id=b3d9e0b94ea73c68ef4169ec82c898ce59a4e30a"
2019-03-17 23:46:31 +00:00
}
]
}
}
