CVE-2014-1474
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU consumption) via a string without an address.
Vulnerabilidad en la complejidad algorítmica en Email::Address::List anterior a 0.02, utilizado en RT 4.2.0 hasta 4.2.2, permite a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de una cadena sin dirección.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-01-16 CVE Reserved
- 2014-07-15 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-189: Numeric Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.bestpractical.com/pipermail/rt-announce/2014-June/000257.html | 2014-07-15 | |
| https://metacpan.org/changes/release/ALEXMV/Email-Address-List-0.02 | 2014-07-15 |
| URL | Date | SRC |
|---|---|---|
| http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt-42.html | 2014-07-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bestpractical Search vendor "Bestpractical" | Rt Search vendor "Bestpractical" for product "Rt" | 4.2.0 Search vendor "Bestpractical" for product "Rt" and version "4.2.0" | - |
Affected
| ||||||
| Bestpractical Search vendor "Bestpractical" | Rt Search vendor "Bestpractical" for product "Rt" | 4.2.1 Search vendor "Bestpractical" for product "Rt" and version "4.2.1" | - |
Affected
| ||||||
| Bestpractical Search vendor "Bestpractical" | Rt Search vendor "Bestpractical" for product "Rt" | 4.2.2 Search vendor "Bestpractical" for product "Rt" and version "4.2.2" | - |
Affected
| ||||||
| Email::address::list Project Search vendor "Email::address::list Project" | Email::address::list Search vendor "Email::address::list Project" for product "Email::address::list" | <= 0.01 Search vendor "Email::address::list Project" for product "Email::address::list" and version " <= 0.01" | - |
Affected
| ||||||