Vulnerability CVE-2014-4909


Published: 2014-07-29

Description:
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

Vendor: Fedoraproject
Product: Fedora 
Version: 20;
Vendor: Transmissionbt
Product: Transmission 
Version:
2.83
2.82
2.81
2.80
2.77
2.76
2.75
2.74
2.73
2.72
2.71
2.70
2.61
2.60
2.52
2.51
2.50
2.42
2.41
2.40
2.33
2.32
2.31
2.30
2.22
2.21
2.20
2.13
2.12
2.11
2.10
2.04
2.03
2.02
2.01
2.00
1.93
1.92
1.91
1.90
1.83
1.82
1.81
1.80
1.77
1.76
1.75
1.74
1.73
1.72
1.71
1.70
1.61
1.60
1.54
1.53
1.52
1.51
1.50
1.42
1.41
1.40
1.34
1.33
1.32
1.31
1.30
1.22
1.21
1.20
1.11
1.10
1.06
1.05
1.04
1.03
1.02
1.01
1.00
0.96
0.95
0.94
0.93
0.92
0.91
0.90
0.82
0.81
0.80
0.72
0.71
0.70
0.6.1
0.6
0.5
See more versions on NVD
Vendor: Canonical
Product: Ubuntu linux 
Version:
14.04
13.10
12.04
See more versions on NVD

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
https://twitter.com/benhawkes/statuses/484378151959539712
https://trac.transmissionbt.com/wiki/Changes#version-2.84
https://bugzilla.redhat.com/show_bug.cgi?id=1118290
https://bugs.gentoo.org/show_bug.cgi?id=516822
http://www.ubuntu.com/usn/USN-2279-1
http://www.securityfocus.com/bid/68487
http://www.osvdb.org/108997
http://www.openwall.com/lists/oss-security/2014/07/11/5
http://www.openwall.com/lists/oss-security/2014/07/10/4
http://www.debian.org/security/2014/dsa-2988
http://secunia.com/advisories/60527
http://secunia.com/advisories/60108
http://secunia.com/advisories/59897
http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html
http://inertiawar.com/submission.go

Related CVE
CVE-2019-11042
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past ...
CVE-2019-11041
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past ...
CVE-2019-14452
Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
CVE-2019-13565
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simpl...
CVE-2019-13057
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not pro...
CVE-2019-2819
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privil...
CVE-2019-2805
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attac...
CVE-2019-2797
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with acces...

Copyright 2019, cxsecurity.com

 

Back to Top