Wind River Support Network

HomeDefectsLIN6-9380
Fixed

LIN6-9380 : Security Advisory - dpkg - CVE-2014-8625

Created: Feb 1, 2015    Updated: Dec 3, 2018
Resolved Date: Jun 23, 2015
Found In Version: 6.0
Fix Version: 6.0.0.22
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8625

Other Downloads


Live chat
Online