Vulnerability CVE-2014-4607: Information

Description

Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2014-4607
Published: Feb. 12, 2020
Modified: Feb. 14, 2020
Error type identifier: CWE-190

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://web.archive.org/web/20140701023922/http://www.oberhumer.com/opensource/lzo/
  • Vendor Advisory
http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html
  • Exploit
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:a:oberhumer:lzo2:*:*:*:*:*:*:x86:*
      End excliding
      2.07
      cpe:2.3:a:oberhumer:liblzo2:*:*:*:*:*:*:x86:*
      End excliding
      2.07
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top