Lucene search

K
nvd[email protected]NVD:CVE-2014-3970
HistoryJun 11, 2014 - 2:55 p.m.

CVE-2014-3970

2014-06-1114:55:09
web.nvd.nist.gov
2

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.021

Percentile

89.2%

The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.

Affected configurations

Nvd
Node
pulseaudiopulseaudioMatch1.0
OR
pulseaudiopulseaudioMatch1.1
OR
pulseaudiopulseaudioMatch1.99.1
OR
pulseaudiopulseaudioMatch1.99.2
OR
pulseaudiopulseaudioMatch2.0
OR
pulseaudiopulseaudioMatch2.1
OR
pulseaudiopulseaudioMatch3.0
OR
pulseaudiopulseaudioMatch4.0
OR
pulseaudiopulseaudioMatch5.0
VendorProductVersionCPE
pulseaudiopulseaudio1.0cpe:2.3:a:pulseaudio:pulseaudio:1.0:*:*:*:*:*:*:*
pulseaudiopulseaudio1.1cpe:2.3:a:pulseaudio:pulseaudio:1.1:*:*:*:*:*:*:*
pulseaudiopulseaudio1.99.1cpe:2.3:a:pulseaudio:pulseaudio:1.99.1:*:*:*:*:*:*:*
pulseaudiopulseaudio1.99.2cpe:2.3:a:pulseaudio:pulseaudio:1.99.2:*:*:*:*:*:*:*
pulseaudiopulseaudio2.0cpe:2.3:a:pulseaudio:pulseaudio:2.0:*:*:*:*:*:*:*
pulseaudiopulseaudio2.1cpe:2.3:a:pulseaudio:pulseaudio:2.1:*:*:*:*:*:*:*
pulseaudiopulseaudio3.0cpe:2.3:a:pulseaudio:pulseaudio:3.0:*:*:*:*:*:*:*
pulseaudiopulseaudio4.0cpe:2.3:a:pulseaudio:pulseaudio:4.0:*:*:*:*:*:*:*
pulseaudiopulseaudio5.0cpe:2.3:a:pulseaudio:pulseaudio:5.0:*:*:*:*:*:*:*

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.021

Percentile

89.2%