PublicDateAtUSN: 2014-04-08
Candidate: CVE-2013-6370
CRD: 2014-04-08
PublicDate: 2014-04-22 13:06:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6370
 https://ubuntu.com/security/notices/USN-2245-1
Description:
 Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote
 attackers to cause a denial of service via unspecified vectors.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744008
 https://bugzilla.redhat.com/show_bug.cgi?id=1032322
 https://bugs.launchpad.net/ubuntu/+source/json-c/+bug/1311397
Priority: medium
Discovered-by: Florian Weimer
Assigned-to: mdeslaur
CVSS: 

Patches_json-c:
 upstream: https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015
upstream_json-c: released (0.11-4)
lucid_json-c: ignored (reached end-of-life)
precise_json-c: released (0.9-1ubuntu1.1)
quantal_json-c: ignored (reached end-of-life)
saucy_json-c: released (0.11-2ubuntu1.2)
trusty_json-c: released (0.11-3ubuntu1.2)
trusty/esm_json-c: released (0.11-3ubuntu1.2)
devel_json-c: not-affected (0.11-4ubuntu1)