CVE

Id
72681  
CVE No.
CVE-2014-5384  
Status
Candidate  
Description
The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types.  
Phase
Assigned (20140821)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
685394 72681 CVE-2014-5384 MLIST:[source-changes] 20140624 CVS commit: src/lib/libc/citrus  View
685395 72681 CVE-2014-5384 URL:http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html  View
685396 72681 CVE-2014-5384 FREEBSD:FreeBSD-SA-14:15  View
685397 72681 CVE-2014-5384 URL:http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc  View
685398 72681 CVE-2014-5384 SECTRACK:1030458  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
15523 JVNDB-2014-004398 JobScheduler における XML 外部エンティティの脆弱性 JobScheduler には、XML 外部エンティティ (XXE) の脆弱性が存在します。 CVE-2014-5392 72681 5.8 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004398.html  View