CVE

Id
76772  
CVE No.
CVE-2014-9471  
Status
Candidate  
Description
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.  
Phase
Assigned (20150103)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
705245 76772 CVE-2014-9471 MLIST:[oss-security] 20141124 parse_datetime() bug in coreutils  View
705246 76772 CVE-2014-9471 URL:http://www.openwall.com/lists/oss-security/2014/11/25/1  View
705247 76772 CVE-2014-9471 MLIST:[oss-security] 20141125 AW: parse_datetime() bug in coreutils  View
705248 76772 CVE-2014-9471 URL:http://www.openwall.com/lists/oss-security/2014/11/25/4  View
705249 76772 CVE-2014-9471 MLIST:[oss-security] 20150103 Re: parse_datetime() bug in coreutils  View
705250 76772 CVE-2014-9471 URL:http://www.openwall.com/lists/oss-security/2015/01/03/11  View
705251 76772 CVE-2014-9471 CONFIRM:http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16872  View
705252 76772 CVE-2014-9471 CONFIRM:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766147  View
705253 76772 CVE-2014-9471 CONFIRM:http://advisories.mageia.org/MGASA-2015-0029.html  View
705254 76772 CVE-2014-9471 MANDRIVA:MDVSA-2015:179  View
705255 76772 CVE-2014-9471 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:179  View
705256 76772 CVE-2014-9471 UBUNTU:USN-2473-1  View
705257 76772 CVE-2014-9471 URL:http://ubuntu.com/usn/usn-2473-1  View
705258 76772 CVE-2014-9471 SECUNIA:62226  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
18834 JVNDB-2014-007709 MediaWiki 用 TemplateSandbox エクステンションのプレビューにおけるクロスサイトスクリプティングの脆弱性 MediaWiki 用 TemplateSandbox エクステンションのプレビューには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2014-9479 76772 4.3 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007709.html  View