Multiple heap-based buffer overflows in the parse_notify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a (1) large or (2) negative value in the Extranonc2_size parameter in a mining.subscribe response and a crafted mining.notify request.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-07-23T14:00:00

Updated: 2024-08-06T11:20:26.001Z

Reserved: 2014-06-20T00:00:00

Link: CVE-2014-4502

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-07-23T14:55:06.117

Modified: 2024-11-21T02:10:19.077

Link: CVE-2014-4502

cve-icon Redhat

No data.