CVE-2014-2892
Published: 22 April 2014
Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response.
Priority
Status
Package | Release | Status |
---|---|---|
libmms Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(0.6.2-2ubuntu0.1)
|
|
quantal |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Released
(0.6.2-3ubuntu2.1)
|
|
upstream |
Released
(0.6.2-4)
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Not vulnerable
(0.6.2-4build1)
|
|
xenial |
Not vulnerable
(0.6.4-1)
|
|
Patches: upstream: http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8 |