CVE-2014-6272

Current Description

Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2015-6525 for the functions that are only affected in 2.0 and later.
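The description names the bug class without showing it: a length supplied by the peer is added to the bytes already in the buffer, the sum wraps in `size_t`, and the code either concludes the existing allocation is large enough (the copy that follows then runs off the end of the heap chunk) or enters a capacity-doubling loop that shifts the length to zero and never terminates. The following added illustration, written for this page and not taken from libevent, mirrors that pattern in a toy growable buffer (`struct toy_buf`, `unsafe_needed_capacity`, `checked_needed_capacity`, `toy_buf_add`, and the `TOY_BUF_MAX` ceiling are all hypothetical names and values) and shows the two overflow-checking steps a fix needs: reject a length whose addition would wrap, and cap the total before any growth arithmetic.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative growable buffer (hypothetical; not libevent's struct evbuffer). */
struct toy_buf {
    unsigned char *data;
    size_t off;   /* bytes currently in use */
    size_t cap;   /* bytes allocated */
};

/* Policy ceiling on one buffer (assumed value for this demo). Keeping the
 * required size below SIZE_MAX/2 also guarantees the doubling loop ends. */
#define TOY_BUF_MAX ((size_t)1 << 30)

/*
 * Vulnerable pattern: compute the required size with unchecked addition,
 * then grow by doubling. Returns the capacity the routine would settle on.
 * A return of 0 means the doubling shifted the length to zero; the unguarded
 * original would spin forever there, the demo bails out so it terminates.
 */
size_t unsafe_needed_capacity(size_t off, size_t cap, size_t datlen)
{
    size_t need = off + datlen;        /* wraps when datlen is near SIZE_MAX */
    if (cap >= need)
        return cap;                    /* "enough room": the caller then copies datlen bytes -> heap overflow */
    size_t length = cap ? cap : 256;
    while (length < need) {
        length <<= 1;
        if (length == 0)
            return 0;                  /* would loop forever without this bail-out */
    }
    return length;
}

/*
 * Hardened pattern: refuse lengths whose addition would wrap and enforce a
 * ceiling before any allocation arithmetic. On success *out receives the new
 * capacity (equal to cap when no growth is needed).
 */
bool checked_needed_capacity(size_t off, size_t cap, size_t datlen, size_t *out)
{
    if (datlen > SIZE_MAX - off)
        return false;                  /* off + datlen would overflow size_t */
    size_t need = off + datlen;
    if (need > TOY_BUF_MAX)
        return false;                  /* over the policy limit; also keeps doubling finite */
    size_t length = cap ? cap : 256;
    while (length < need)
        length <<= 1;                  /* cannot wrap: need <= TOY_BUF_MAX < SIZE_MAX/2 */
    *out = length;
    return true;
}

/* Append datlen bytes using the checked growth routine. Returns false and
 * leaves buf untouched if the length is rejected or allocation fails. */
bool toy_buf_add(struct toy_buf *buf, const void *src, size_t datlen)
{
    size_t newcap;
    if (!checked_needed_capacity(buf->off, buf->cap, datlen, &newcap))
        return false;
    if (newcap != buf->cap) {
        unsigned char *p = realloc(buf->data, newcap);
        if (!p)
            return false;
        buf->data = p;
        buf->cap = newcap;
    }
    memcpy(buf->data + buf->off, src, datlen);
    buf->off += datlen;
    return true;
}

void toy_buf_free(struct toy_buf *buf)
{
    free(buf->data);
    buf->data = NULL;
    buf->off = buf->cap = 0;
}

/* Drives toy_buf_add on constructed input; returns true if every step behaves. */
bool toy_buf_demo(void)
{
    struct toy_buf b = { NULL, 0, 0 };
    unsigned char big[300];
    memset(big, 'A', sizeof big);                       /* constructed payload */
    bool ok = toy_buf_add(&b, "hello", 5) && b.off == 5 && b.cap == 256;
    ok = ok && toy_buf_add(&b, big, sizeof big) && b.off == 305 && b.cap == 512;
    /* "insanely large" length: rejected before any arithmetic or copy */
    ok = ok && !toy_buf_add(&b, big, SIZE_MAX - 8) && b.off == 305 && b.cap == 512;
    toy_buf_free(&b);
    return ok;
}

int main(void)
{
    printf("unchecked: off=16 cap=256 datlen=SIZE_MAX-8 -> capacity %zu (under-allocated)\n",
           unsafe_needed_capacity(16, 256, SIZE_MAX - 8));
    printf("unchecked: datlen=SIZE_MAX/2+2 -> %zu (0 = doubling loop wrapped to zero)\n",
           unsafe_needed_capacity(0, 256, SIZE_MAX / 2 + 2));
    printf("checked path: %s\n", toy_buf_demo() ? "ok" : "FAILED");
    return 0;
}
```

The two unchecked calls show the two outcomes the description lists: with `off = 16` the addition wraps to 7, the routine keeps the 256-byte allocation and a caller copying `SIZE_MAX - 8` bytes overruns the heap; with a length just above `SIZE_MAX/2` the doubling loop reaches zero and would never exit. The same inputs are rejected by `checked_needed_capacity` before any allocation or copy, which is the shape of fix a reviewer should look for when auditing any `used + incoming` size computation.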

Referenced by CVEs: CVE-2015-6525

Basic Data

Published: August 24, 2015
Last Modified: December 09, 2017
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-189
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Integrity Impact: PARTIAL
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 7.5
Severity: HIGH
Exploitability Score: 10.0
Impact Score: 6.4
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    CPE Version | Part | Vendor | Product | Version
    2.3 | OS | Debian | Debian Linux | 7.0
    (Update, Edition, Language, SW Edition, Target SW, Target HW and Other are all "*" (any); no Version Start/End bounds are given.)
  • OR - Configuration 2
    CPE Version | Part | Vendor | Product | Version(s)
    2.3 | Application | Libevent Project | Libevent | 1.4.0, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.4.8, 1.4.9, 1.4.10, 1.4.11, 1.4.12, 1.4.13, 1.4.14
    2.3 | Application | Libevent Project | Libevent | 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16, 2.0.17, 2.0.18, 2.0.19, 2.0.20, 2.0.21
    2.3 | Application | Libevent Project | Libevent | 2.1.1, 2.1.2, 2.1.3, 2.1.4
    (Each version is a separate CPE match; Update, Edition, Language, SW Edition, Target SW, Target HW and Other are all "*" (any); no Version Start/End bounds are given.)

Vulnerable Software List

Vendor | Product | Versions
Libevent Project | Libevent | 1.4.0, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.4.8, 1.4.9, 1.4.10, 1.4.11, 1.4.12, 1.4.13, 1.4.14, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16, 2.0.17, 2.0.18, 2.0.19, 2.0.20, 2.0.21, 2.1.1, 2.1.2, 2.1.3, 2.1.4
Debian | Debian Linux | 7.0

References

Name: [Libevent-users] 20150105 Advisory: integer overflow in evbuffers for Libevent <= 1.4.14b,2.0.21,2.1.4-alpha [CVE-2014-6272]
Source: MLIST
URL: http://archives.seul.org/libevent/users/Jan-2015/msg00010.html
Tags: Vendor Advisory

Name: DSA-3119
Source: DEBIAN
URL: http://www.debian.org/security/2015/dsa-3119

Name: SSA:2016-085-01
Source: SLACKWARE
URL: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.366317

Name: https://puppet.com/security/cve/CVE-2014-6272
Source: CONFIRM
URL: https://puppet.com/security/cve/CVE-2014-6272