{ "id": "CVE-2014-0469", "sourceIdentifier": "security@debian.org", "published": "2014-05-05T16:07:05.643", "lastModified": "2024-11-21T02:02:12.040", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in a certain Debian patch for xbuffy before 3.3.bl.3.dfsg-9 allows remote attackers to execute arbitrary code via the subject of an email, possibly related to indent subject lines." }, { "lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en cierto parche de Debian para xbuffy anterior a 3.3.bl.3.dfsg-9 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del asunto de un email, posiblemente relacionado con l\u00edneas de asunto indentadas." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "baseScore": 6.8, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-119" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:*:*:*:*:*:*:*:*", "versionEndIncluding": "3.3.bl.3.dfsg-8", "matchCriteriaId": "412E8DE0-C1B5-4CFC-AE24-E688612A061D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.2.1-1:*:*:*:*:*:*:*", "matchCriteriaId": "D1CA3664-75F7-4E4C-B2F8-875478387785" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.2.1-2:*:*:*:*:*:*:*", "matchCriteriaId": "64A7EC99-FF68-4A3F-AD2A-91AD784670AC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.2.1-3:*:*:*:*:*:*:*", "matchCriteriaId": "60DD3DD9-9A31-4FA5-8F1A-150D0D4AA248" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.2.1-4:*:*:*:*:*:*:*", "matchCriteriaId": "1147D805-7263-4CA9-A038-1AFC0EFBA920" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3-1:*:*:*:*:*:*:*", "matchCriteriaId": "EA09EDDB-583F-47E7-9347-CD47F11782B5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.b1.3-4:*:*:*:*:*:*:*", "matchCriteriaId": "4747ADC8-D18C-42E0-8902-AFBD7A2736CA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.2-1:*:*:*:*:*:*:*", "matchCriteriaId": "F95E24FD-3B66-4503-B6F1-A0C23040E94C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-1:*:*:*:*:*:*:*", "matchCriteriaId": "29C3F923-4148-4720-A814-2D575DF7530E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-2:*:*:*:*:*:*:*", "matchCriteriaId": "87716368-72E7-489C-8321-360D7A438057" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-3:*:*:*:*:*:*:*", "matchCriteriaId": "52EC4CB7-2440-4393-8258-A60EB9887193" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-5:*:*:*:*:*:*:*", "matchCriteriaId": "728D4DC0-96AE-4F05-BACD-8602562A3BD2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-6:*:*:*:*:*:*:*", "matchCriteriaId": "01173B26-1140-4E74-BAF1-8007C2E3D601" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-7:*:*:*:*:*:*:*", "matchCriteriaId": "F8A01773-2E6D-4AB6-B28B-CDCBDD0DC785" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-8:*:*:*:*:*:*:*", "matchCriteriaId": "978BB5A7-9A3B-437A-840C-9A71D28D48BC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-9:*:*:*:*:*:*:*", "matchCriteriaId": "948685B1-FDE4-4D39-8659-95B7A2E00FEF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-10:*:*:*:*:*:*:*", "matchCriteriaId": "1579A6EB-D410-4FCE-9FAC-1678E79B4131" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-11:*:*:*:*:*:*:*", "matchCriteriaId": "F8F9C249-AAE0-4120-9659-88B317E9D4F8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-12:*:*:*:*:*:*:*", "matchCriteriaId": "9690A49E-0DE2-4C54-8EC2-6EFF42DA38EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-13:*:*:*:*:*:*:*", "matchCriteriaId": "39915986-E4C2-428A-A744-B14FF1C44EE6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-14:*:*:*:*:*:*:*", "matchCriteriaId": "84DB8FB9-E76D-4227-B605-A550CE9E267D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-15:*:*:*:*:*:*:*", "matchCriteriaId": "C8467FB1-D9E3-4876-B761-1807A9D09105" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-16:*:*:*:*:*:*:*", "matchCriteriaId": "287FBB30-C168-417E-8FE2-1746F6FF86D3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-17:*:*:*:*:*:*:*", "matchCriteriaId": "2A2F2908-CE8A-414F-8BE2-F8BDE441D885" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-18:*:*:*:*:*:*:*", "matchCriteriaId": "EA3FA0A0-33FA-409F-AD61-1C7DBC7642C9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-19:*:*:*:*:*:*:*", "matchCriteriaId": "4FA2C9E4-374D-446D-808D-F81A93F95A7E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-20:*:*:*:*:*:*:*", "matchCriteriaId": "9B59715B-062E-4063-9EC2-60ED4B720022" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-21:*:*:*:*:*:*:*", "matchCriteriaId": "35FD599C-54A8-4C55-8766-46CBC9664D55" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-22:*:*:*:*:*:*:*", "matchCriteriaId": "5DD384DC-B481-4D14-8477-397CDBB31685" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-23:*:*:*:*:*:*:*", "matchCriteriaId": "133D06C5-C2C6-493A-8FA8-F3CC5A3C7281" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-24:*:*:*:*:*:*:*", "matchCriteriaId": "DD7EE546-0B41-494C-B8A3-A3AEF3C3F230" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-25:*:*:*:*:*:*:*", "matchCriteriaId": "27B654EF-5102-4BA2-B389-6A18B11ED512" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-1:*:*:*:*:*:*:*", "matchCriteriaId": "4681EC42-F45B-48BB-9A7C-C57DDDDB68AB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-2:*:*:*:*:*:*:*", "matchCriteriaId": "19681C27-8F75-49BF-AD23-E73315C6C9DE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-3:*:*:*:*:*:*:*", "matchCriteriaId": "B53C79ED-A3A3-46D2-95F5-B8C3BC8F6C23" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-4:*:*:*:*:*:*:*", "matchCriteriaId": "21BE43A0-3E69-4A6D-8A36-C0A8F7AAE83F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-5:*:*:*:*:*:*:*", "matchCriteriaId": "7DC38F67-031E-4FF1-A6D1-816FDB26D19C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-6:*:*:*:*:*:*:*", "matchCriteriaId": "A5BE544A-DC61-4B73-8D99-B4F0677314F7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-7:*:*:*:*:*:*:*", "matchCriteriaId": "C04C637A-BA5D-46EB-BCED-5C11ADD93786" } ] } ] } ], "references": [ { "url": "http://packages.qa.debian.org/x/xbuffy/news/20140427T181904Z.html", "source": "security@debian.org" }, { "url": "http://www.debian.org/security/2014/dsa-2921", "source": "security@debian.org" }, { "url": "http://www.openwall.com/lists/oss-security/2014/04/28/3", "source": "security@debian.org" }, { "url": "http://www.securityfocus.com/bid/67090", "source": "security@debian.org" }, { "url": "http://packages.qa.debian.org/x/xbuffy/news/20140427T181904Z.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.debian.org/security/2014/dsa-2921", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.openwall.com/lists/oss-security/2014/04/28/3", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/bid/67090", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }