VDB
CVE-2014-9765
CVE-2014-9765
PUBLISHED
Buffer overflow in the main_get_appheader function in xdelta3-main.h in xdelta3 before 3.0.9 allows remote attackers to execute arbitrary code via a crafted input file.
EPSS 2.47% · 85.6th percentile
Risk Scores
EPSS Score
2.47%
85.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:14.04:LTS | xdelta3 | 0, 3.0.7-dfsg-2 |
Exploit Intelligence
- [oss-security] 20160208 Re: CVE request - buffer overflow in xdelta3 before 3.0.9 (circl)
- https://github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2 (circl)
- USN-2901-1 (circl)
- DSA-3484 (circl)
- openSUSE-SU-2016:0524 (circl)
- GLSA-201701-40 (circl)
- 83109 (circl)
- openSUSE-SU-2016:0530 (circl)
- [oss-security] 20160208 CVE request - buffer overflow in xdelta3 before 3.0.9 (circl)
Timeline
- Dec 31, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2014-9765 third-party-advisory
- http://www.openwall.com/lists/oss-security/2016/02/08/1 third-party-advisory
- https://ubuntu.com/security/notices/USN-2901-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2014-9765 third-party-advisory