Computer Security
[EN] securityvulns.ru no-pyccku


FreeBSD stdlib fflush vulnereability
Published:10.12.2014
Source:
SecurityVulns ID:14141
Type:library
Threat Level:
7/10
Description:Under some condition, heap buffer overflow can be caused by invalid fflush() behavior.
Affected:FREEBSD : FreeBSD 10.1
CVE:CVE-2014-8611 (The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-14:27.stdio (10.12.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod