CVE-2014-8483

Canonical Ubuntu Linux - Out-of-Bounds Read

Title source: rule

Description

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.

References (11)

Core 11

Core References

Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/61932

Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html

Third Party Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2401-1

Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/62261

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2014/dsa-3063

Issue Tracking, Vendor Advisory x_refsource_confirm

http://bugs.quassel-irc.org/issues/1314

Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2014/dsa-3068

Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/62035

Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html

Issue Tracking, Patch x_refsource_confirm

https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138

Scores

EPSS 0.0234

EPSS Percentile 85.0%

Details

CWE

CWE-125

Status published

Products (6)

canonical/ubuntu_linux 12.04

debian/debian_linux 7.0

opensuse/opensuse 12.3

opensuse/opensuse 13.1

opensuse/opensuse 13.2

quassel-irc/quassel_irc 0.10.0

Published Nov 06, 2014

Tracked Since Feb 18, 2026