{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-31T00:00:00", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-16T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20150103 Re: CVE Request, Use after free vulnerability in Dwarfdump", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/01/03/14"}, {"name": "[oss-security] 20141231 CVE Request, Use after free vulnerability in Dwarfdump", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/12/31/3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}, {"name": "71839", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/71839"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2014-9482", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20150103 Re: CVE Request, Use after free vulnerability in Dwarfdump", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/01/03/14"}, {"name": "[oss-security] 20141231 CVE Request, Use after free vulnerability in Dwarfdump", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/12/31/3"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}, {"name": "71839", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71839"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:47:41.068Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20150103 Re: CVE Request, Use after free vulnerability in Dwarfdump", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/01/03/14"}, {"name": "[oss-security] 20141231 CVE Request, Use after free vulnerability in Dwarfdump", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/12/31/3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}, {"name": "71839", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/71839"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9482", "datePublished": "2018-01-16T19:00:00", "dateReserved": "2015-01-03T00:00:00", "dateUpdated": "2024-08-06T13:47:41.068Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", "matchCriteriaId": "857205DA-146F-4899-9388-29F5252F3A59", "versionEndIncluding": "2014-08-05", "versionStartIncluding": "2013-01-26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file."}, {"lang": "es", "value": "Vulnerabilidad de uso de memoria previamente liberada en dwarfdump en libdwarf 20130126 hasta la versi\u00f3n 20140805 podr\u00eda permitir que atacantes remotos provoquen una denegaci\u00f3n de servicio (cierre inesperado del programa) mediante un archivo ELF manipulado."}], "id": "CVE-2014-9482", "lastModified": "2024-11-21T02:20:59.723", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2018-01-16T19:29:00.433", "references": [{"source": "[email protected]", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/12/31/3"}, {"source": "[email protected]", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2015/01/03/14"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/71839"}, {"source": "[email protected]", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/12/31/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2015/01/03/14"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/71839"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "libdwarf: use-after-free when parsing a crafted ELF file", "id": "1178725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178725"}, "csaw": false, "cvss": {"cvss_base_score": "1.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "cwe": "CWE-416", "details": ["Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file."], "name": "CVE-2014-9482", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "libdwarf", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2014-12-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-9482\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-9482"], "threat_severity": "Low"}