CVE-2014-9273
hivex: missing checks for small-sized files
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
lib/handle.c en Hivex anterior a 1.3.11 permite a usuarios locales ejecutar código arbitrario y ganar privilegios a través de un fichero de hive pequeño, lo que provoca una lectura o escritura fuera de rango.
It was found that hivex attempted to read, and possibly write, beyond its allocated buffer when reading a hive file with a very small size or with a truncated or improperly formatted content. An attacker able to supply a specially crafted hive file to an application using the hivex library could possibly use this flaw to execute arbitrary code with the privileges of the user running that application.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-12-04 CVE Reserved
- 2014-12-08 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (13)
URL | Tag | Source |
---|---|---|
http://secunia.com/advisories/62792 | Third Party Advisory | |
http://www.openwall.com/lists/oss-security/2014/11/25/6 | Mailing List | |
http://www.openwall.com/lists/oss-security/2014/12/04/14 | Mailing List | |
http://www.securityfocus.com/bid/71279 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-updates/2015-02/msg00005.html | 2018-10-30 | |
http://rhn.redhat.com/errata/RHSA-2015-0301.html | 2018-10-30 | |
http://rhn.redhat.com/errata/RHSA-2015-1378.html | 2018-10-30 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1167756 | 2015-07-20 | |
https://security.gentoo.org/glsa/201503-07 | 2018-10-30 | |
https://www.redhat.com/archives/libguestfs/2014-October/msg00235.html | 2018-10-30 | |
https://access.redhat.com/security/cve/CVE-2014-9273 | 2015-07-20 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.1 Search vendor "Opensuse" for product "Opensuse" and version "13.1" | - |
Affected
| ||||||
Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.2 Search vendor "Opensuse" for product "Opensuse" and version "13.2" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "6.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Hpc Node Search vendor "Redhat" for product "Enterprise Linux Hpc Node" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Hpc Node" and version "6.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "6.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "6.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Hivex Search vendor "Debian" for product "Hivex" | <= 1.3.10-2 Search vendor "Debian" for product "Hivex" and version " <= 1.3.10-2" | - |
Affected
|