Lucene search

[email protected]CVE-2014-3443

HistoryMay 14, 2014 - 7:55 p.m.

CVE-2014-3443

2014-05-1419:55:13

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-3443

jetmpad.ax

jetaudio

denial of service

crash

ogg file

6.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.025 Low

EPSS

Percentile

90.1%

JSON

JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.

Affected configurations

NVD

Node

jetaudiojetaudioRange≤8.1.1

jetaudiojetaudioMatch8.0

jetaudiojetaudioMatch8.0.1

jetaudiojetaudioMatch8.0.2

jetaudiojetaudioMatch8.0.4

jetaudiojetaudioMatch8.0.5

jetaudiojetaudioMatch8.0.6

jetaudiojetaudioMatch8.0.7

jetaudiojetaudioMatch8.0.7.1000-basic

jetaudiojetaudioMatch8.0.8

jetaudiojetaudioMatch8.0.9

jetaudiojetaudioMatch8.0.10

jetaudiojetaudioMatch8.0.11

jetaudiojetaudioMatch8.0.12

jetaudiojetaudioMatch8.0.14

jetaudiojetaudioMatch8.0.15

jetaudiojetaudioMatch8.0.16

jetaudiojetaudioMatch8.0.17

jetaudiojetaudioMatch8.1.0

CPENameOperatorVersion
jetaudio:jetaudiojetaudiole8.1.1
jetaudio:jetaudiojetaudioeq8.0
jetaudio:jetaudiojetaudioeq8.0.1
jetaudio:jetaudiojetaudioeq8.0.2
jetaudio:jetaudiojetaudioeq8.0.4
jetaudio:jetaudiojetaudioeq8.0.5
jetaudio:jetaudiojetaudioeq8.0.6
jetaudio:jetaudiojetaudioeq8.0.7
jetaudio:jetaudiojetaudioeq8.0.7.1000
jetaudio:jetaudiojetaudioeq8.0.8

CPE	Name	Operator	Version
jetaudio:jetaudio	jetaudio	le	8.1.1
jetaudio:jetaudio	jetaudio	eq	8.0
jetaudio:jetaudio	jetaudio	eq	8.0.1
jetaudio:jetaudio	jetaudio	eq	8.0.2
jetaudio:jetaudio	jetaudio	eq	8.0.4
jetaudio:jetaudio	jetaudio	eq	8.0.5
jetaudio:jetaudio	jetaudio	eq	8.0.6
jetaudio:jetaudio	jetaudio	eq	8.0.7
jetaudio:jetaudio	jetaudio	eq	8.0.7.1000
jetaudio:jetaudio	jetaudio	eq	8.0.8