Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2014-0044

Published: 08/02/2014 Updated: 06/03/2014
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Mumble

Vulnerability Summary

The opus_packet_get_samples_per_frame function in client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots allows remote malicious users to cause a denial of service (crash) via a crafted length prefix value, which triggers a NULL pointer dereference or a heap-based buffer over-read (aka "out-of-bounds array access").

Vulnerable Product Search on Vulmon Subscribe to Product

light speed gaming mumble 1.2.4

light speed gaming mumble 1.2.3

Vendor Advisories

Debian CVElist Bug Report Logs: mumble: CVE-2014-0044 CVE-2014-0045
Debian Bug report logs - #737739 mumble: CVE-2014-0044 CVE-2014-0045 Package: src:mumble; Maintainer for src:mumble is Christopher Knadle <ChrisKnadle@coredumpus>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 5 Feb 2014 15:15:02 UTC Severity: grave Tags: fixed-upstream, security, upstream Foun ...

References

CWE-119http://www.debian.org/security/2014/dsa-2854http://mumble.info/security/Mumble-SA-2014-001.txthttp://osvdb.org/102904http://lists.opensuse.org/opensuse-updates/2014-02/msg00063.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737739https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook