Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2014-4715

Published: Jul 03, 2014 | Modified: Jul 17, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
6 MODERATE
AV:L/AC:H/Au:S/C:C/I:C/A:C
RedHat/V3
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2014-4715
CWEhttps://cwe.mitre.org/data/definitions/189.html

Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run, a different vulnerability than CVE-2014-4611.

Affected Software

Name Vendor Start Version End Version
Lz4 Yann_collet * r118 (including)
Eet Ubuntu lucid *
Eet Ubuntu precise *
Eet Ubuntu saucy *
Eet Ubuntu trusty *
Efl Ubuntu artful *
Efl Ubuntu utopic *
Efl Ubuntu vivid *
Efl Ubuntu wily *
Efl Ubuntu yakkety *
Efl Ubuntu zesty *
Firefox Ubuntu lucid *
Firefox Ubuntu saucy *
Firefox Ubuntu utopic *
Grub2 Ubuntu artful *
Grub2 Ubuntu cosmic *
Grub2 Ubuntu disco *
Grub2 Ubuntu eoan *
Grub2 Ubuntu lucid *
Grub2 Ubuntu precise *
Grub2 Ubuntu saucy *
Grub2 Ubuntu trusty *
Grub2 Ubuntu utopic *
Grub2 Ubuntu vivid *
Grub2 Ubuntu vivid/ubuntu-core *
Grub2 Ubuntu wily *
Grub2 Ubuntu yakkety *
Grub2 Ubuntu zesty *
Gtkwave Ubuntu artful *
Gtkwave Ubuntu lucid *
Gtkwave Ubuntu precise *
Gtkwave Ubuntu saucy *
Gtkwave Ubuntu trusty *
Gtkwave Ubuntu utopic *
Gtkwave Ubuntu vivid *
Gtkwave Ubuntu wily *
Gtkwave Ubuntu yakkety *
Gtkwave Ubuntu zesty *
Lz4 Ubuntu saucy *
Lz4 Ubuntu trusty *
Lz4 Ubuntu trusty/esm *
Lz4 Ubuntu upstream *
Lz4 Ubuntu utopic *
Lz4 Ubuntu vivid *
Php-horde-lz4 Ubuntu artful *
Php-horde-lz4 Ubuntu trusty *
Php-horde-lz4 Ubuntu utopic *
Php-horde-lz4 Ubuntu vivid *
Php-horde-lz4 Ubuntu wily *
Php-horde-lz4 Ubuntu yakkety *
Php-horde-lz4 Ubuntu zesty *
Pytables Ubuntu artful *
Pytables Ubuntu lucid *
Pytables Ubuntu precise *
Pytables Ubuntu saucy *
Pytables Ubuntu utopic *
Pytables Ubuntu vivid *
Pytables Ubuntu wily *
Pytables Ubuntu yakkety *
Pytables Ubuntu zesty *
Thunderbird Ubuntu lucid *
Thunderbird Ubuntu saucy *
Thunderbird Ubuntu utopic *
Zfsutils Ubuntu precise *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use