Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2014-9474

Published: 10/10/2017 Updated: 05/11/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in the mpfr_strtofr function in GNU MPFR prior to 3.1.2-p11 allows context-dependent malicious users to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.

Vulnerable Product Search on Vulmon Subscribe to Product

mpfr gnu mpfr

Vendor Advisories

Debian CVElist Bug Report Logs: libmpfr4: CVE-2014-9474: buffer overflow in mpfr_strtofr
Debian Bug report logs - #772008 libmpfr4: CVE-2014-9474: buffer overflow in mpfr_strtofr Package: libmpfr4; Maintainer for libmpfr4 is Debian GCC Maintainers <debian-gcc@listsdebianorg>; Source for libmpfr4 is src:mpfr4 (PTS, buildd, popcon) Reported by: Vincent Lefevre <vincent@vinc17net> Date: Thu, 4 Dec 2014 ...
Red Hat: CVE-2014-9474
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 312-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str ...

References

CWE-119https://security.gentoo.org/glsa/201512-06https://gmplib.org/list-archives/gmp-bugs/2013-December/003267.htmlhttps://gforge.inria.fr/scm/viewvc.php/mpfr?revision=9243&view=revisionhttps://bugzilla.redhat.com/show_bug.cgi?id=1171701http://www.securityfocus.com/bid/71542http://www.openwall.com/lists/oss-security/2015/01/03/12http://www.mpfr.org/mpfr-3.1.2/patch11http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147745.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-January/147737.htmlhttps://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772008
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4541CVE-2024-3080CVE-2024-4787log injectionCVE-2024-5967injectCVE-2024-30078CVE-2024-5899
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook