CVE-2014-2892 - OpenCVE

Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Libmms Project	Libmms

Configuration 1 [-]

OR	cpe:2.3:a:libmms_project:libmms::::::::
	cpe:2.3:a:libmms_project:libmms:0.6:::::::*
	cpe:2.3:a:libmms_project:libmms:0.6.1:::::::*
	cpe:2.3:a:libmms_project:libmms:0.6.2:::::::*

No data.

References

Link	Providers
http://lists.opensuse.org/opensuse-updates/2014-05/msg00001.html
http://secunia.com/advisories/57875
http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog
http://www.debian.org/security/2014/dsa-2916
http://www.openwall.com/lists/oss-security/2014/04/18/14
http://www.securityfocus.com/bid/66933
https://exchange.xforce.ibmcloud.com/vulnerabilities/92640
https://security.gentoo.org/glsa/201612-29

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-04-22T14:00:00

Updated: 2024-08-06T10:28:46.038Z

Reserved: 2014-04-17T00:00:00

Link: CVE-2014-2892

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-04-22T14:23:35.940

Modified: 2017-08-29T01:34:34.950

Link: CVE-2014-2892

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-08T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-2916", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-2916"}, {"name": "66933", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/66933"}, {"name": "57875", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/57875"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog"}, {"name": "openSUSE-SU-2014:0590", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00001.html"}, {"name": "[oss-security] 20140418 Re: libmms heap-based buffer overflow fix", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/04/18/14"}, {"name": "GLSA-201612-29", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201612-29"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8"}, {"name": "libmms-getanswer-bo(92640)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92640"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2892", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-2916", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2916"}, {"name": "66933", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66933"}, {"name": "57875", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57875"}, {"name": "http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog", "refsource": "CONFIRM", "url": "http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog"}, {"name": "openSUSE-SU-2014:0590", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00001.html"}, {"name": "[oss-security] 20140418 Re: libmms heap-based buffer overflow fix", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/04/18/14"}, {"name": "GLSA-201612-29", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201612-29"}, {"name": "http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8", "refsource": "CONFIRM", "url": "http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8"}, {"name": "libmms-getanswer-bo(92640)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92640"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:28:46.038Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-2916", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-2916"}, {"name": "66933", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/66933"}, {"name": "57875", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/57875"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog"}, {"name": "openSUSE-SU-2014:0590", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00001.html"}, {"name": "[oss-security] 20140418 Re: libmms heap-based buffer overflow fix", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/04/18/14"}, {"name": "GLSA-201612-29", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201612-29"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8"}, {"name": "libmms-getanswer-bo(92640)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92640"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2892", "datePublished": "2014-04-22T14:00:00", "dateReserved": "2014-04-17T00:00:00", "dateUpdated": "2024-08-06T10:28:46.038Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libmms_project:libmms:*:*:*:*:*:*:*:*", "matchCriteriaId": "51E1AE4A-E9A4-42A9-A09E-FE31838C99FC", "versionEndIncluding": "0.6.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:libmms_project:libmms:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "3F4F1A60-018E-4B24-BBFB-7FD538499F45", "vulnerable": true}, {"criteria": "cpe:2.3:a:libmms_project:libmms:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "287429C3-068C-4D46-922C-2C96F69C62FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:libmms_project:libmms:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "667DDCA9-0503-429E-BD7B-B938D23FB010", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response."}, {"lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n get_answer en mmsh.c en libmms anterior a 0.6.4 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una l\u00ednea larga en un MMS sobre respuesta de servidor HTTP (MMSH)."}], "id": "CVE-2014-2892", "lastModified": "2017-08-29T01:34:34.950", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-04-22T14:23:35.940", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/57875"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2014/dsa-2916"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2014/04/18/14"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/66933"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92640"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201612-29"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}