{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-01-05T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via \"insanely large inputs\" to the (1) evbuffer_add, (2) evbuffer_prepend, (3) evbuffer_expand, (4) exbuffer_reserve_space, or (5) evbuffer_read function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier was SPLIT from CVE-2014-6272 per ADT3 due to different affected versions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-08-24T13:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[Libevent-users] 20150105 Advisory: integer overflow in evbuffers for Libevent <= 1.4.14b,2.0.21,2.1.4-alpha [CVE-2014-6272]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://archives.seul.org/libevent/users/Jan-2015/msg00010.html"}, {"name": "DSA-3119", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3119"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-6525", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via \"insanely large inputs\" to the (1) evbuffer_add, (2) evbuffer_prepend, (3) evbuffer_expand, (4) exbuffer_reserve_space, or (5) evbuffer_read function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier was SPLIT from CVE-2014-6272 per ADT3 due to different affected versions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[Libevent-users] 20150105 Advisory: integer overflow in evbuffers for Libevent <= 1.4.14b,2.0.21,2.1.4-alpha [CVE-2014-6272]", "refsource": "MLIST", "url": "http://archives.seul.org/libevent/users/Jan-2015/msg00010.html"}, {"name": "DSA-3119", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3119"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:22:22.219Z"}, "title": "CVE Program Container", "references": [{"name": "[Libevent-users] 20150105 Advisory: integer overflow in evbuffers for Libevent <= 1.4.14b,2.0.21,2.1.4-alpha [CVE-2014-6272]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://archives.seul.org/libevent/users/Jan-2015/msg00010.html"}, {"name": "DSA-3119", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3119"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-6525", "datePublished": "2015-08-24T14:00:00", "dateReserved": "2015-08-20T00:00:00", "dateUpdated": "2024-08-06T07:22:22.219Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B21E9A8-CE63-42C2-A11A-94D977A96DF1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C0D7F7F3-5FA4-4812-B52E-A3A98BB395F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9CDEE68F-FAE7-4F6A-BAE4-CB749459FC53", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0F7716AC-3D51-4987-90B1-814ACA065932", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "31792597-A8B3-4F22-9013-2103AA0170C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "9CDB0FC3-958E-4E9E-A366-8661BF84D588", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "6598FFC5-6C18-487B-BEA5-9D291A5D4EA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "412E95EF-906D-4523-9820-6D145EDFA00D", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "CA715BA0-A989-407D-B5CA-B288D470D889", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "5F7C2E29-43FF-4539-B952-3FED67779579", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "6EF813B8-EEF9-425B-90B7-944E3FD3A03E", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "F264AD63-C439-4DDE-A64A-F1CC3F9EE445", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "A85D90CC-71BA-41D5-A283-221E9793CC35", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "CEF0A64A-A290-4670-A975-03A38808E2FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "B5E1FDA8-05D9-4368-8396-E9AED85B1919", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "D210003F-B3DE-4964-8F1F-58AB1F75AFF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "28B95E3A-356D-41BC-94DE-EF7018F0E430", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "1D5C29DA-FC46-40E1-84BA-3D4AA4E915E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "712FC1B9-F0C0-49BC-9E70-ADB2C18C442D", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "0221BF5A-0E2C-4A3D-BF78-87A971BE1936", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "BCDCBAF3-A5F9-470B-9829-C26994BFBB29", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "4DEF0BCB-FAAC-4B92-BE12-A0741FFBE9AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "86B978BE-1156-4C0A-A151-CC6E5ACE75BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "5A059287-BB94-4FC2-962B-EF1DBBF7D8FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "78620372-0ACD-4863-B29E-8A5E6049A538", "vulnerable": true}, {"criteria": "cpe:2.3:a:libevent_project:libevent:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "64A02886-DA11-4E95-B18E-563577B7BE0A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via \"insanely large inputs\" to the (1) evbuffer_add, (2) evbuffer_prepend, (3) evbuffer_expand, (4) exbuffer_reserve_space, or (5) evbuffer_read function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier was SPLIT from CVE-2014-6272 per ADT3 due to different affected versions."}, {"lang": "es", "value": "Vulnerabilidad de desbordamientos de entero m\u00faltiple en la API evbuffer en Libevent 2.0.x en versiones anteriores a 2.0.22 y 2.1.x en versiones anteriores a 2.1.5-beta, permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado a trav\u00e9s de 'entradas incre\u00edblemente grandes' en la funci\u00f3n (1) evbuffer_add, (2) evbuffer_prepend, (3) evbuffer_expand, (4) exbuffer_reserve_space o (5) evbuffer_read, lo que desencadena un desbordamiento de buffer basado en memoria din\u00e1mica o un bucle infinito. NOTA: este identificador ha sido SEPARADO de CVE-2014-6272 por ADT3 debido a las diferentes versiones afectadas."}], "id": "CVE-2015-6525", "lastModified": "2024-11-21T02:35:09.617", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-08-24T14:59:14.133", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://archives.seul.org/libevent/users/Jan-2015/msg00010.html"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3119"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://archives.seul.org/libevent/users/Jan-2015/msg00010.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3119"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "libevent: multiple integer overflows in the evbuffer APIs", "id": "1256797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256797"}, "csaw": false, "cvss": {"cvss_base_score": "5.1", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "status": "draft"}, "cwe": "CWE-190->(CWE-122|CWE-835)", "details": ["Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via \"insanely large inputs\" to the (1) evbuffer_add, (2) evbuffer_prepend, (3) evbuffer_expand, (4) exbuffer_reserve_space, or (5) evbuffer_read function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier was SPLIT from CVE-2014-6272 per ADT3 due to different affected versions.", "Multiple integer overflow flaws were found in the libevent's evbuffer API. An attacker able to make an application pass an excessively long input to libevent using the API could use these flaws to make the application enter an infinite loop, crash, and, possibly, execute arbitrary code."], "name": "CVE-2015-6525", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "nfs-utils", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "openmpi", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "libevent", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "openmpi", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "chromium-browser", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "libevent", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "openmpi", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "libevent", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "openmpi", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2015-08-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-6525\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-6525"], "threat_severity": "Moderate", "upstream_fix": "libevent 1.4.15, libevent 2.0.22, libevent 2.1.5"}