Candidate: CVE-2014-0044
PublicDate: 2014-02-08 00:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0044
Description:
 The opus_packet_get_samples_per_frame function in client in Mumble 1.2.4
 and the 1.2.3 pre-release snapshots allows remote attackers to cause a
 denial of service (crash) via a crafted length prefix value, which triggers
 a NULL pointer dereference or a heap-based buffer over-read (aka
 "out-of-bounds array access").
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737739
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_mumble:
upstream_mumble: needs-triage
lucid_mumble: ignored (reached end-of-life)
precise_mumble: not-affected (code not present)
quantal_mumble: ignored (reached end-of-life)
saucy_mumble: ignored (reached end-of-life)
trusty_mumble: not-affected (1.2.4-0.2ubuntu1)
trusty/esm_mumble: DNE (trusty was not-affected [1.2.4-0.2ubuntu1])
devel_mumble: not-affected (1.2.6-1)