CVE-2014-0045

2014-02-0800:55:06

CWE-189

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.085

Percentile

94.5%

JSON

The needSamples method in AudioOutputSpeech.cpp in the client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots, Mumble for iOS 1.1 through 1.2.2, and MumbleKit before commit fd190328a9b24d37382b269a5674b0c0c7a7e36d does not check the return value of the opus_decode_float function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Opus voice packet, which triggers an error in opus_decode_float, a conversion of a negative integer to an unsigned integer, and a heap-based buffer over-read and over-write.

Affected configurations

Nvd

Node

light_speed_gamingmumbleMatch1.1iphone_os

light_speed_gamingmumbleMatch1.1rc1iphone_os

light_speed_gamingmumbleMatch1.1.1iphone_os

light_speed_gamingmumbleMatch1.2iphone_os

light_speed_gamingmumbleMatch1.2.1iphone_os

light_speed_gamingmumbleMatch1.2.2iphone_os

light_speed_gamingmumbleMatch1.2.3rc1

light_speed_gamingmumbleMatch1.2.3rc2

light_speed_gamingmumbleMatch1.2.3rc3

light_speed_gamingmumbleMatch1.2.4

light_speed_gamingmumblekitMatch-

VendorProductVersionCPE
light_speed_gamingmumble1.1cpe:2.3:a:light_speed_gaming:mumble:1.1:*:*:*:*:iphone_os:*:*
light_speed_gamingmumble1.1cpe:2.3:a:light_speed_gaming:mumble:1.1:rc1:*:*:*:iphone_os:*:*
light_speed_gamingmumble1.1.1cpe:2.3:a:light_speed_gaming:mumble:1.1.1:*:*:*:*:iphone_os:*:*
light_speed_gamingmumble1.2cpe:2.3:a:light_speed_gaming:mumble:1.2:*:*:*:*:iphone_os:*:*
light_speed_gamingmumble1.2.1cpe:2.3:a:light_speed_gaming:mumble:1.2.1:*:*:*:*:iphone_os:*:*
light_speed_gamingmumble1.2.2cpe:2.3:a:light_speed_gaming:mumble:1.2.2:*:*:*:*:iphone_os:*:*
light_speed_gamingmumble1.2.3cpe:2.3:a:light_speed_gaming:mumble:1.2.3:rc1:*:*:*:*:*:*
light_speed_gamingmumble1.2.3cpe:2.3:a:light_speed_gaming:mumble:1.2.3:rc2:*:*:*:*:*:*
light_speed_gamingmumble1.2.3cpe:2.3:a:light_speed_gaming:mumble:1.2.3:rc3:*:*:*:*:*:*
light_speed_gamingmumble1.2.4cpe:2.3:a:light_speed_gaming:mumble:1.2.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
light_speed_gaming	mumble	1.1	cpe:2.3:a:light_speed_gaming:mumble:1.1:::::iphone_os::
light_speed_gaming	mumble	1.1	cpe:2.3:a:light_speed_gaming:mumble:1.1:rc1::::iphone_os::*
light_speed_gaming	mumble	1.1.1	cpe:2.3:a:light_speed_gaming:mumble:1.1.1:::::iphone_os::
light_speed_gaming	mumble	1.2	cpe:2.3:a:light_speed_gaming:mumble:1.2:::::iphone_os::
light_speed_gaming	mumble	1.2.1	cpe:2.3:a:light_speed_gaming:mumble:1.2.1:::::iphone_os::
light_speed_gaming	mumble	1.2.2	cpe:2.3:a:light_speed_gaming:mumble:1.2.2:::::iphone_os::
light_speed_gaming	mumble	1.2.3	cpe:2.3:a:light_speed_gaming:mumble:1.2.3:rc1::::::
light_speed_gaming	mumble	1.2.3	cpe:2.3:a:light_speed_gaming:mumble:1.2.3:rc2::::::
light_speed_gaming	mumble	1.2.3	cpe:2.3:a:light_speed_gaming:mumble:1.2.3:rc3::::::
light_speed_gaming	mumble	1.2.4	cpe:2.3:a:light_speed_gaming:mumble:1.2.4:::::::*