Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.

References

blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html

web.archive.org/web/20140701023922/www.oberhumer.com/opensource/lzo/

nessus 46

openvas 49

mageia 14

debian 5

fedora 15

redhat 2

debiancve 1

suse 2

securityvulns 2

f5 2

ibm 4

freebsd 1

cve 1

prion 1

veracode 1

osv 1

centos 1

nvd 1

ubuntu 1

amazon 1

oraclelinux 1

gentoo 2

ubuntucve 1

thn 1

nessus

Fedora 19 : grub2-2.00-27.fc19 (2014-16452)

2014-12-17 00:00:00

Fedora 21 : icecream-1.0.1-8.20140822git.fc21 (2014-10217)

2014-09-23 00:00:00

Debian DSA-2995-1 : lzo2 - security update

2014-08-04 00:00:00

openvas

Amazon Linux: Security Advisory (ALAS-2014-373)

2015-09-08 00:00:00

Fedora Update for icecream FEDORA-2014-10366

2014-11-20 00:00:00

Mageia: Security Advisory (MGASA-2014-0360)

2022-01-28 00:00:00

mageia

Updated liblzo packages fix CVE-2014-4607

2014-07-09 02:50:36

Updated distcc packages fix CVE-2014-4607

2014-09-01 14:44:17

Updated libvncserver and remmina packages fix security vulnerability

2014-08-27 03:04:56

debian

[DLA 35-1] lzo2 security update

2014-08-11 16:38:42

[SECURITY] [DSA 2995-1] lzo2 security update

2014-08-03 07:37:56

[SECURITY] [DSA 2995-1] lzo2 security update

2014-08-03 07:37:56

fedora

[SECURITY] Fedora 20 Update: lzo-2.08-1.fc20

2014-07-03 04:02:18

[SECURITY] Fedora 20 Update: dump-0.4-0.24.b44.fc20

2015-02-25 13:29:59

[SECURITY] Fedora 20 Update: grub2-2.00-27.fc20

2014-12-12 04:31:11

redhat

(RHSA-2014:0861) Moderate: lzo security update

2014-07-09 00:00:00

(RHSA-2014:0979) Moderate: rhev-hypervisor6 security and bug fix update

2014-07-29 00:00:00

debiancve

CVE-2014-4607

2020-02-12 14:15:10

suse

Security update for lzo (important)

2014-07-31 19:04:17

Security update for lzo (important)

2014-07-16 19:04:17

securityvulns

[ MDVSA-2014:134 ] liblzo

2014-07-22 00:00:00

liblzo integer overflow

2014-07-22 00:00:00

SOL95698826 - LZO vulnerability CVE-2014-4607

2016-02-03 00:00:00

K95698826 : LZO vulnerability CVE-2014-4607

2016-02-04 00:00:00

ibm

Security Bulletin: A busybox vulnerability affects IBM DataPower Gateways (CVE-2014-4607)

2018-06-15 07:06:27

Security Bulletin: Vulnerabilities in busybox affect IBM Security Network Protection (CVE-2014-4607, and CVE-2014-9645 )

2018-06-16 21:46:13

Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in busybox, arpwatch, apr, acpid, augeas, firefox, ctdb.

2021-12-15 07:41:22

freebsd

krfb -- Possible Denial of Service or code execution via integer overflow

2014-08-03 00:00:00

cve

CVE-2014-4607

2020-02-12 14:15:10

prion

Integer overflow

2020-02-12 14:15:00

veracode

Remote Code Execution (RCE)

2020-12-11 09:20:29

osv

lzo2 - security update

2014-08-03 00:00:00

centos

lzo security update

2014-07-09 12:38:49

nvd

CVE-2014-4607

2020-02-12 14:15:10

ubuntu

LZO vulnerability

2014-07-24 00:00:00

amazon

Medium: lzo

2014-07-09 16:45:00

oraclelinux

lzo security update

2014-07-09 00:00:00

gentoo

LZO: Multiple vulnerabilities

2017-01-02 00:00:00

BusyBox: Multiple vulnerabilities

2015-03-29 00:00:00

ubuntucve

CVE-2014-4607

2014-07-09 00:00:00

thn

20-Year Old Vulnerability in LZO Compression Algorithm Went to Planet Mars

2014-06-27 05:43:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.2 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.9%

JSON

Related for CVELIST:CVE-2014-4607