{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-27T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in a certain Debian patch for xbuffy before 3.3.bl.3.dfsg-9 allows remote attackers to execute arbitrary code via the subject of an email, possibly related to indent subject lines."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-05-27T13:57:01.000Z", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"name": "67090", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/67090"}, {"name": "DSA-2921", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-2921"}, {"name": "[oss-security] 20140428 CVE-2014-0469: xbuffy stack-based buffer overflow in subject processing", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/04/28/3"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://packages.qa.debian.org/x/xbuffy/news/20140427T181904Z.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2014-0469", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in a certain Debian patch for xbuffy before 3.3.bl.3.dfsg-9 allows remote attackers to execute arbitrary code via the subject of an email, possibly related to indent subject lines."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "67090", "refsource": "BID", "url": "http://www.securityfocus.com/bid/67090"}, {"name": "DSA-2921", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2921"}, {"name": "[oss-security] 20140428 CVE-2014-0469: xbuffy stack-based buffer overflow in subject processing", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/04/28/3"}, {"name": "http://packages.qa.debian.org/x/xbuffy/news/20140427T181904Z.html", "refsource": "CONFIRM", "url": "http://packages.qa.debian.org/x/xbuffy/news/20140427T181904Z.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:20:17.944Z"}, "title": "CVE Program Container", "references": [{"name": "67090", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/67090"}, {"name": "DSA-2921", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-2921"}, {"name": "[oss-security] 20140428 CVE-2014-0469: xbuffy stack-based buffer overflow in subject processing", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/04/28/3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://packages.qa.debian.org/x/xbuffy/news/20140427T181904Z.html"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2014-0469", "datePublished": "2014-05-05T16:00:00.000Z", "dateReserved": "2013-12-19T00:00:00.000Z", "dateUpdated": "2024-08-06T09:20:17.944Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:debian:xbuffy:*:*:*:*:*:*:*:*", "matchCriteriaId": "412E8DE0-C1B5-4CFC-AE24-E688612A061D", "versionEndIncluding": "3.3.bl.3.dfsg-8", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.2.1-1:*:*:*:*:*:*:*", "matchCriteriaId": "D1CA3664-75F7-4E4C-B2F8-875478387785", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.2.1-2:*:*:*:*:*:*:*", "matchCriteriaId": "64A7EC99-FF68-4A3F-AD2A-91AD784670AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.2.1-3:*:*:*:*:*:*:*", "matchCriteriaId": "60DD3DD9-9A31-4FA5-8F1A-150D0D4AA248", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.2.1-4:*:*:*:*:*:*:*", "matchCriteriaId": "1147D805-7263-4CA9-A038-1AFC0EFBA920", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3-1:*:*:*:*:*:*:*", "matchCriteriaId": "EA09EDDB-583F-47E7-9347-CD47F11782B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.b1.3-4:*:*:*:*:*:*:*", "matchCriteriaId": "4747ADC8-D18C-42E0-8902-AFBD7A2736CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.2-1:*:*:*:*:*:*:*", "matchCriteriaId": "F95E24FD-3B66-4503-B6F1-A0C23040E94C", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-1:*:*:*:*:*:*:*", "matchCriteriaId": "29C3F923-4148-4720-A814-2D575DF7530E", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-2:*:*:*:*:*:*:*", "matchCriteriaId": "87716368-72E7-489C-8321-360D7A438057", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-3:*:*:*:*:*:*:*", "matchCriteriaId": "52EC4CB7-2440-4393-8258-A60EB9887193", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-5:*:*:*:*:*:*:*", "matchCriteriaId": "728D4DC0-96AE-4F05-BACD-8602562A3BD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-6:*:*:*:*:*:*:*", "matchCriteriaId": "01173B26-1140-4E74-BAF1-8007C2E3D601", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-7:*:*:*:*:*:*:*", "matchCriteriaId": "F8A01773-2E6D-4AB6-B28B-CDCBDD0DC785", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-8:*:*:*:*:*:*:*", "matchCriteriaId": "978BB5A7-9A3B-437A-840C-9A71D28D48BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-9:*:*:*:*:*:*:*", "matchCriteriaId": "948685B1-FDE4-4D39-8659-95B7A2E00FEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-10:*:*:*:*:*:*:*", "matchCriteriaId": "1579A6EB-D410-4FCE-9FAC-1678E79B4131", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-11:*:*:*:*:*:*:*", "matchCriteriaId": "F8F9C249-AAE0-4120-9659-88B317E9D4F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-12:*:*:*:*:*:*:*", "matchCriteriaId": "9690A49E-0DE2-4C54-8EC2-6EFF42DA38EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-13:*:*:*:*:*:*:*", "matchCriteriaId": "39915986-E4C2-428A-A744-B14FF1C44EE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-14:*:*:*:*:*:*:*", "matchCriteriaId": "84DB8FB9-E76D-4227-B605-A550CE9E267D", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-15:*:*:*:*:*:*:*", "matchCriteriaId": "C8467FB1-D9E3-4876-B761-1807A9D09105", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-16:*:*:*:*:*:*:*", "matchCriteriaId": "287FBB30-C168-417E-8FE2-1746F6FF86D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-17:*:*:*:*:*:*:*", "matchCriteriaId": "2A2F2908-CE8A-414F-8BE2-F8BDE441D885", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-18:*:*:*:*:*:*:*", "matchCriteriaId": "EA3FA0A0-33FA-409F-AD61-1C7DBC7642C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-19:*:*:*:*:*:*:*", "matchCriteriaId": "4FA2C9E4-374D-446D-808D-F81A93F95A7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-20:*:*:*:*:*:*:*", "matchCriteriaId": "9B59715B-062E-4063-9EC2-60ED4B720022", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-21:*:*:*:*:*:*:*", "matchCriteriaId": "35FD599C-54A8-4C55-8766-46CBC9664D55", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-22:*:*:*:*:*:*:*", "matchCriteriaId": "5DD384DC-B481-4D14-8477-397CDBB31685", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-23:*:*:*:*:*:*:*", "matchCriteriaId": "133D06C5-C2C6-493A-8FA8-F3CC5A3C7281", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-24:*:*:*:*:*:*:*", "matchCriteriaId": "DD7EE546-0B41-494C-B8A3-A3AEF3C3F230", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3-25:*:*:*:*:*:*:*", "matchCriteriaId": "27B654EF-5102-4BA2-B389-6A18B11ED512", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-1:*:*:*:*:*:*:*", "matchCriteriaId": "4681EC42-F45B-48BB-9A7C-C57DDDDB68AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-2:*:*:*:*:*:*:*", "matchCriteriaId": "19681C27-8F75-49BF-AD23-E73315C6C9DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-3:*:*:*:*:*:*:*", "matchCriteriaId": "B53C79ED-A3A3-46D2-95F5-B8C3BC8F6C23", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-4:*:*:*:*:*:*:*", "matchCriteriaId": "21BE43A0-3E69-4A6D-8A36-C0A8F7AAE83F", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-5:*:*:*:*:*:*:*", "matchCriteriaId": "7DC38F67-031E-4FF1-A6D1-816FDB26D19C", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-6:*:*:*:*:*:*:*", "matchCriteriaId": "A5BE544A-DC61-4B73-8D99-B4F0677314F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-7:*:*:*:*:*:*:*", "matchCriteriaId": "C04C637A-BA5D-46EB-BCED-5C11ADD93786", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in a certain Debian patch for xbuffy before 3.3.bl.3.dfsg-9 allows remote attackers to execute arbitrary code via the subject of an email, possibly related to indent subject lines."}, {"lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en cierto parche de Debian para xbuffy anterior a 3.3.bl.3.dfsg-9 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del asunto de un email, posiblemente relacionado con l\u00edneas de asunto indentadas."}], "id": "CVE-2014-0469", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-05-05T16:07:05.643", "references": [{"source": "security@debian.org", "url": "http://packages.qa.debian.org/x/xbuffy/news/20140427T181904Z.html"}, {"source": "security@debian.org", "url": "http://www.debian.org/security/2014/dsa-2921"}, {"source": "security@debian.org", "url": "http://www.openwall.com/lists/oss-security/2014/04/28/3"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/bid/67090"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packages.qa.debian.org/x/xbuffy/news/20140427T181904Z.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2014/dsa-2921"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2014/04/28/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/67090"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}