Showing 1 - 3 of 3

CVE-2014-8611

Status Candidate

Overview

The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.

Related Files

Apple Security Advisory 2015-09-30-03: Posted Oct 1, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-30-03 - OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases.; tags | advisory, vulnerability; systems | apple, osx; advisories | CVE-2013-3951, CVE-2014-2532, CVE-2014-3618, CVE-2014-6277, CVE-2014-7186, CVE-2014-7187, CVE-2014-8080, CVE-2014-8090, CVE-2014-8146, CVE-2014-8147, CVE-2014-8611, CVE-2014-9425, CVE-2014-9427, CVE-2014-9652, CVE-2014-9705, CVE-2014-9709, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-0286, CVE-2015-0287, CVE-2015-1351, CVE-2015-1352, CVE-2015-1855, CVE-2015-2301, CVE-2015-2305, CVE-2015-2331; SHA-256 | 7a0709c784a5d4fb9ea404af89915bb4719339d731eebc17ca1e750e0b02747c; Download | Favorite | View

Apple Security Advisory 2015-09-16-1: Posted Sep 19, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-16-1 - iOS 9 is now available and addresses denial of service, information disclosure, and various other issues.; tags | advisory, denial of service, info disclosure; systems | cisco, apple, ios; advisories | CVE-2013-3951, CVE-2014-8146, CVE-2014-8611, CVE-2015-0286, CVE-2015-0287, CVE-2015-1129, CVE-2015-1205, CVE-2015-3801, CVE-2015-5522, CVE-2015-5523, CVE-2015-5748, CVE-2015-5764, CVE-2015-5765, CVE-2015-5767, CVE-2015-5788, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5796, CVE-2015-5797, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802; SHA-256 | 9fd697c7c99863744ab08fa1e360cde32e9825a823a4a708279ed659764693f2; Download | Favorite | View

FreeBSD Security Advisory - stdio Buffer Overflow: Posted Dec 10, 2014; Site security.freebsd.org; FreeBSD Security Advisory - A programming error in the standard I/O library's __sflush() function could erroneously adjust the buffered stream's internal state even when no write actually occurred in the case when write(2) system call returns an error. The accounting mismatch would accumulate, if the caller does not check for stream status and will eventually lead to a heap buffer overflow. Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program.; tags | advisory, overflow, arbitrary; systems | freebsd; advisories | CVE-2014-8611; SHA-256 | e03b3896a72dc0c0ddbdef58fb177f6ff95b7d4b82cc0cd9d17ee4ac5a413022; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 295 files
Ubuntu 58 files
Debian 33 files
Gentoo 32 files
LiquidWorm 10 files
Apple 9 files
malvuln 6 files
Adam Gowdiak 4 files
nu11secur1ty 4 files
Ahmet Umit Bayram 4 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,042)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,598)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,755)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,493)
UNIX (9,400)
UnixWare (187)
Windows (6,659)
Other

CVE-2014-8611

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems