{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-31T00:00:00", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-16T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20150103 Re: CVE Request, Use after free vulnerability in Dwarfdump", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/01/03/14"}, {"name": "[oss-security] 20141231 CVE Request, Use after free vulnerability in Dwarfdump", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/12/31/3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}, {"name": "71839", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/71839"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9482", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20150103 Re: CVE Request, Use after free vulnerability in Dwarfdump", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/01/03/14"}, {"name": "[oss-security] 20141231 CVE Request, Use after free vulnerability in Dwarfdump", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/12/31/3"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}, {"name": "71839", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71839"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:47:41.068Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20150103 Re: CVE Request, Use after free vulnerability in Dwarfdump", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/01/03/14"}, {"name": "[oss-security] 20141231 CVE Request, Use after free vulnerability in Dwarfdump", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/12/31/3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}, {"name": "71839", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/71839"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9482", "datePublished": "2018-01-16T19:00:00", "dateReserved": "2015-01-03T00:00:00", "dateUpdated": "2024-08-06T13:47:41.068Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", "matchCriteriaId": "857205DA-146F-4899-9388-29F5252F3A59", "versionEndIncluding": "2014-08-05", "versionStartIncluding": "2013-01-26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file."}, {"lang": "es", "value": "Vulnerabilidad de uso de memoria previamente liberada en dwarfdump en libdwarf 20130126 hasta la versi\u00f3n 20140805 podr\u00eda permitir que atacantes remotos provoquen una denegaci\u00f3n de servicio (cierre inesperado del programa) mediante un archivo ELF manipulado."}], "id": "CVE-2014-9482", "lastModified": "2020-01-29T19:08:23.243", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-01-16T19:29:00.433", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/12/31/3"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2015/01/03/14"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/71839"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "libdwarf: use-after-free when parsing a crafted ELF file", "id": "1178725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}, "csaw": false, "cvss": {"cvss_base_score": "1.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "cwe": "CWE-416", "details": ["Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file."], "name": "CVE-2014-9482", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "libdwarf", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2014-12-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-9482\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-9482"], "threat_severity": "Low"}