23 Aoû 2015
Vulnerability Details : CVE-2014-6272
Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2015-6525 for the functions that are only affected in 2.0 and later.
Publish Date : 2015-08-24 Last Update Date : 2015-08-24
- CVSS Scores & Vulnerability Types
- Related OVAL Definitions
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.
- Products Affected By CVE-2014-6272
- References For CVE-2014-6272
- Metasploit Modules Related To CVE-2014-6272
There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information)