github - ghsa-3f9p-mvpq-ggr6

ghsa-3f9p-mvpq-ggr6

Vulnerability from github

Published

2022-05-17 04:38

Modified

2022-05-17 04:38

Details

The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-5384"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-08-21T22:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function.  NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types.",
  "id": "GHSA-3f9p-mvpq-ggr6",
  "modified": "2022-05-17T04:38:05Z",
  "published": "2022-05-17T04:38:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5384"
    },
    {
      "type": "WEB",
      "url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
    },
    {
      "type": "WEB",
      "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1030458"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2014-5384 (GCVE-0-2014-5384)

Vulnerability from cvelistv5

Published

2014-08-21 22:00

Modified

2024-08-06 11:41

Severity ?

CWE

n/a

Summary

The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types.

References

►

URL

Tags

	http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc	vendor-advisory, x_refsource_FREEBSD
	http://www.securitytracker.com/id/1030458	vdb-entry, x_refsource_SECTRACK
	http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:41:49.148Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FreeBSD-SA-14:15",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
          },
          {
            "name": "1030458",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030458"
          },
          {
            "name": "[source-changes] 20140624 CVS commit: src/lib/libc/citrus",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-06-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function.  NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-08-21T21:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FreeBSD-SA-14:15",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
        },
        {
          "name": "1030458",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030458"
        },
        {
          "name": "[source-changes] 20140624 CVS commit: src/lib/libc/citrus",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-5384",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function.  NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FreeBSD-SA-14:15",
              "refsource": "FREEBSD",
              "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
            },
            {
              "name": "1030458",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030458"
            },
            {
              "name": "[source-changes] 20140624 CVS commit: src/lib/libc/citrus",
              "refsource": "MLIST",
              "url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-5384",
    "datePublished": "2014-08-21T22:00:00",
    "dateReserved": "2014-08-21T00:00:00",
    "dateUpdated": "2024-08-06T11:41:49.148Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.