CVE-2014-5461

Published: Sep 4, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20140821 Re: CVE request: possible overflow in vararg functions

mailing-list

USN-2338-1

vendor-advisory

GLSA-201701-53

vendor-advisory

[oss-security] 20140827 Re: Lua CVE request [was Re: CVE request: possible overflow in vararg functions]

mailing-list

vdb-entry

third-party-advisory

vendor-advisory

vendor-advisory

[oss-security] 20140821 CVE request: possible overflow in vararg functions

mailing-list

60869

third-party-advisory

DSA-3015

vendor-advisory

61411

third-party-advisory

http://www.lua.org/bugs.html#5.2.2-1

openSUSE-SU-2014:1145

vendor-advisory

http://advisories.mageia.org/MGASA-2014-0414.html

GLSA-202305-23

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-5461

Description

Affected Products

References