CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 2CVE-2014-5461
https://notcve.org/view.php?id=CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments. Desbordamiento de buffer en las funciones vararg en ldo.c en Lua 5.1 hasta 5.2.x anterior a 5.2.3 permite a atacantes dependientes de contexto causar una denegación de servicio (caída) a través de un número pequeño de argumentos en una función con un número grande de argumentos fijos. • http://advisories.mageia.org/MGASA-2014-0414.html http://lists.opensuse.org/opensuse-updates/2014-09/msg00030.html http://secunia.com/advisories/59890 http://secunia.com/advisories/60869 http://secunia.com/advisories/61411 http://www.debian.org/security/2014/dsa-3015 http://www.debian.org/security/2014/dsa-3016 http://www.lua.org/bugs.html#5.2.2-1 http://www.mandriva.com/security/advisories?name=MDVSA-2015:144 http://www.openwall.com/lists/oss-security/2014/08/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •