CVE-2014-8483 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:N/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 86%

Affected Products (NVD)

Vendor	Product	Version
canonical	ubuntu_linux	12.04
debian	debian_linux	7.0
quassel-irc	quassel_irc	0.10.0
opensuse	opensuse	12.3
opensuse	opensuse	13.1
opensuse	opensuse	13.2

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

konversation

bookworm	22.12.3-1 fixed
bullseye	20.12.1-1 fixed
sid	22.12.3-1 fixed
squeeze	not-affected
trixie	22.12.3-1 fixed

quassel

bookworm	1:0.14.0-1 fixed
bullseye	1:0.13.1-5 fixed
sid	1:0.14.0-2 fixed
squeeze	not-affected
trixie	1:0.14.0-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

konversation

lucid	Fixed 1.2.3-1ubuntu2.1 released
precise	Fixed 1.4-1ubuntu2.1 released
trusty	Fixed 1.5-1ubuntu1.14.04.1 released
utopic	Fixed 1.5-1ubuntu1.14.10.1 released

quassel

lucid	ignored
precise	Fixed 0.8.0-0ubuntu1.2 released
trusty	Fixed 0.10.0-0ubuntu2.1 released
utopic	Fixed 0.10.1-0ubuntu1.1 released

Common Weakness Enumeration

CWE-125 - Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.

References

http://bugs.quassel-irc.org/issues/1314

http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html

http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html

http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html

http://secunia.com/advisories/61932

http://secunia.com/advisories/62035

http://secunia.com/advisories/62261

http://www.debian.org/security/2014/dsa-3063

http://www.debian.org/security/2014/dsa-3068

http://www.ubuntu.com/usn/USN-2401-1

https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138

http://bugs.quassel-irc.org/issues/1314

http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html

http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html

http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html

http://secunia.com/advisories/61932

http://secunia.com/advisories/62035

http://secunia.com/advisories/62261

http://www.debian.org/security/2014/dsa-3063

http://www.debian.org/security/2014/dsa-3068

http://www.ubuntu.com/usn/USN-2401-1

https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138