CVE-2014-9274: Buffer Overflow
First published: Wed Dec 03 2014(Updated: )
Michal Zalewski reported [1] an out-of-bounds memory access vulnerability in unrtf. Processing a malformed RTF file could lead to a segfault while accessing a pointer that may be under the attacker's control. This would lead to a denial of service (application crash) or, potentially, the execution of arbitrary code. Hanno Böck also reported [2] a number of other crashes in unrtf. There has been no response upstream regarding this (it seems that unrtf is no longer being maintained) so there is no patch available as of yet. [1] <a href="https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html">https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html</a> [2] <a href="https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00000.html">https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00000.html</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| UnRTF | <=0.21.6 | |
| Fedora | =21 | |
| Mageia | =4 | |
| Debian | =7.0 | |
| Debian | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://advisories.mageia.org/MGASA-2014-0533.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html
- http://secunia.com/advisories/62811
- http://www.debian.org/security/2015/dsa-3158
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:007
- http://www.openwall.com/lists/oss-security/2014/12/04/15
- http://www.securityfocus.com/bid/71430
- https://bugzilla.redhat.com/show_bug.cgi?id=1170233
- https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html
- https://security.gentoo.org/glsa/201507-06
- https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00000.html
- http://www.openwall.com/lists/oss-security/2014/12/03/4
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1170235
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1170236
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1170237
- https://access.redhat.com/security/cve/CVE-2014-9274
- https://access.redhat.com/security/cve/CVE-2014-9275
- http://seclists.org/oss-sec/2014/q4/904
- https://lists.gnu.org/archive/html/bug-unrtf/2014-12/msg00000.html
- https://lists.gnu.org/archive/html/bug-unrtf/2014-12/msg00001.html
- http://hg.savannah.gnu.org/hgweb/unrtf/rev/891c2f431c90
Frequently Asked Questions
What is the severity of CVE-2014-9274?
CVE-2014-9274 is classified as a high severity vulnerability due to its potential to cause application crashes and possible remote code execution.
How do I fix CVE-2014-9274?
To fix CVE-2014-9274, update to a patched version of UnRTF that is beyond version 0.21.6.
What are the consequences of exploiting CVE-2014-9274?
Exploiting CVE-2014-9274 can lead to a denial of service through application crashes or potentially allow execution of arbitrary code.
Which versions of UnRTF are affected by CVE-2014-9274?
CVE-2014-9274 affects UnRTF versions up to and including 0.21.6.
Is CVE-2014-9274 specific to certain operating systems?
CVE-2014-9274 can affect multiple operating systems including Fedora, Debian, and Mageia, depending on the version of UnRTF used.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-9274
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/severity
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/unrtf project
- canonical/unrtf
- version/unrtf/0.21.6
- vendor/fedoraproject
- canonical/fedora
- version/fedora/21
- vendor/mageia project
- canonical/mageia
- version/mageia/4
- vendor/debian
- canonical/debian
- version/debian/7.0
- version/debian/8.0