Redhat : Security Vulnerabilities, CVEs, Published In December 2014 (Code Execution)

CVE-2014-9273

lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
Max CVSS
4.6
EPSS Score
0.04%
Published
2014-12-08
Updated
2018-10-30

CVE-2014-8138

Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
Max CVSS
7.5
EPSS Score
23.25%
Published
2014-12-24
Updated
2018-01-05

CVE-2014-8137

Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.
Max CVSS
6.8
EPSS Score
15.61%
Published
2014-12-24
Updated
2018-01-05

CVE-2014-7840

The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
Max CVSS
7.5
EPSS Score
7.88%
Published
2014-12-12
Updated
2023-02-13
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close