CVE-2014-2977CVE-2014-2977

Affected configuration(s):

cpe:/a:directfb:directfb:1.4.13
cpe:/o:novell:opensuse:13.1
cpe:/o:novell:opensuse:13.2
cpe:/o:suse:linux_enterprise_desktop:12
cpe:/o:suse:linux_enterprise_server:12
cpe:/o:suse:linux_enterprise_software_development_kit:12
cpe:/o:suse:linux_enterprise_workstation_extension:12

Date published: 2014-06-11T10:55:07.470-04:00

Date last modified: 2017-06-30T21:29:06.093-04:00

CVSS Score: 10.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://advisories.mageia.org/MGASA-2015-0176.html

Summary: Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.