Date published: 2014-10-24T20:55:03.927-04:00
Date last modified: 2014-10-27T11:04:17.327-04:00
CVSS Score: 6.0
Principal attack vector: NETWORK
Reference URL: http://seclists.org/fulldisclosure/2014/Oct/29
Summary: Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote attackers to have an unspecified impact by sending a mining.subscribe response with a large nonce2 length, then triggering the overflow with a mining.notify request.