Computer Security
[EN] securityvulns.ru no-pyccku


DirectFB security vulnerabilities
Published:04.05.2015
Source:
SecurityVulns ID:14426
Type:library
Threat Level:
5/10
Description:Signess errors, buffer overflow, memory corruption.
Affected:DIRECTFB : DirectFB 1.4
CVE:CVE-2014-2978 (The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.)
 CVE-2014-2977 (Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:223 ] directfb (04.05.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod