Vulnerability Details : CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2014-9862
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-9862
95.95%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-9862
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2014-9862
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-9862
-
https://bugs.chromium.org/p/chromium/issues/detail?id=372525
372525 - Security: heap write access due to integer overflow on bspatch implementations - chromium - MonorailIssue Tracking
-
http://www.openwall.com/lists/oss-security/2020/07/09/2
oss-security - X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch
-
http://www.securityfocus.com/bid/91824
Apple Mac OS X APPLE-SA-2016-07-18-1 Multiple Security Vulnerabilities
-
https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998
4d054795b673855e3a7556c6f2f7ab99ca509998 - platform/external/bsdiff - Git at GoogleIssue Tracking
-
https://support.apple.com/HT206903
About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004 - Apple SupportVendor Advisory
-
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
Apple - Lists.apple.comMailing List;Vendor Advisory
-
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc
-
http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html
openSUSE-SU-2016:1977-1: moderate: Security update for bsdiff
-
http://www.securitytracker.com/id/1036438
FreeBSD bsdiff Heap Overflow in Processing Patch Files Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659
d0307d1711bd74e51b783a49f9160775aa22e659 - chromiumos/third_party/bsdiff - Git at GoogleIssue Tracking
-
http://seclists.org/fulldisclosure/2020/Jul/8
Full Disclosure: X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch
-
https://usn.ubuntu.com/4500-1/
USN-4500-1: bsdiff vulnerabilities | Ubuntu security notices | Ubuntu
-
https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html
[SECURITY] [DLA 2010-1] bsdiff security update
-
https://security.gentoo.org/glsa/202003-44
Binary diff: Heap-based buffer overflow (GLSA 202003-44) — Gentoo security
Jump to