CVE-2014-9273

Published: Dec 8, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

GLSA-201503-07

vendor-advisory

x_refsource_GENTOO

https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705

x_refsource_CONFIRM

openSUSE-SU-2015:0189

vendor-advisory

x_refsource_SUSE

71279

vdb-entry

x_refsource_BID

[oss-security] 20141204 Re: CVE request: missing checks for small-sized files in hivex

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=1167756

x_refsource_CONFIRM

RHSA-2015:0301

vendor-advisory

x_refsource_REDHAT

https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb

x_refsource_CONFIRM

[oss-security] 20141125 CVE request: missing checks for small-sized files in hivex

mailing-list

x_refsource_MLIST

[Libguestfs] 20141029 [libhivex] Undefined behavior when accessing invalid (too small) registry hives

mailing-list

x_refsource_MLIST

RHSA-2015:1378

vendor-advisory

x_refsource_REDHAT

62792

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-9273

Description

Affected Products

References