DebianDEBIAN:DLA-133-1:1FE7D[SECURITY] [DLA 133-1] unrtf security update
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.079 Low
EPSS
Percentile
94.3%
Package : unrtf
Version : 0.19.3-1.1+deb6u1
CVE ID : CVE-2014-9274 CVE-2014-9275
Debian Bug : 772811
CVE-2014-9274:
check that accesses to color table stay within bounds
Patches taken from upstream commits:
- CVE-2014-9274: b0cef89a170a66bc48f8dd288ce562ea8ca91f7a
CVE-2014-9275:
various crashes
. - CVE-2014-9275: 1df886f2e65f7c512a6217588ae8d94d4bcbc63d
3c7ff3f888de0f0d957fe67b6bd4bec9c0d475f3
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 6 | i386 | unrtf | < 0.19.3-1.1+deb6u1 | unrtf_0.19.3-1.1+deb6u1_i386.deb |
| Debian | 7 | i386 | unrtf | < 0.21.5-3~deb7u1 | unrtf_0.21.5-3~deb7u1_i386.deb |
| Debian | 7 | mipsel | unrtf | < 0.21.5-3~deb7u1 | unrtf_0.21.5-3~deb7u1_mipsel.deb |
| Debian | 7 | mips | unrtf | < 0.21.5-3~deb7u1 | unrtf_0.21.5-3~deb7u1_mips.deb |
| Debian | 7 | sparc | unrtf | < 0.21.5-3~deb7u1 | unrtf_0.21.5-3~deb7u1_sparc.deb |
| Debian | 6 | all | unrtf | < 0.19.3-1.1+deb6u1 | unrtf_0.19.3-1.1+deb6u1_all.deb |
| Debian | 6 | amd64 | unrtf | < 0.19.3-1.1+deb6u1 | unrtf_0.19.3-1.1+deb6u1_amd64.deb |
| Debian | 7 | armhf | unrtf | < 0.21.5-3~deb7u1 | unrtf_0.21.5-3~deb7u1_armhf.deb |
| Debian | 7 | armel | unrtf | < 0.21.5-3~deb7u1 | unrtf_0.21.5-3~deb7u1_armel.deb |
| Debian | 7 | s390 | unrtf | < 0.21.5-3~deb7u1 | unrtf_0.21.5-3~deb7u1_s390.deb |
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.079 Low
EPSS
Percentile
94.3%