NVD

Id
35314  
Name
CVE-2014-8094  
Description
Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, which triggers an out-of-bounds read or write.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-12-10  
Modified Date
2017-01-02  
Seq
2014-8094  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
180818 35314 CVE-2014-8094 http://advisories.mageia.org/MGASA-2014-0532.html  View
180819 35314 CVE-2014-8094 61947  View
180820 35314 CVE-2014-8094 DSA-3095  View
180821 35314 CVE-2014-8094 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html  View
180822 35314 CVE-2014-8094 71601  View
180823 35314 CVE-2014-8094 http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/  View
180824 35314 CVE-2014-8094 GLSA-201504-06  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
17096 JVNDB-2014-005971 X.Org Server における整数オーバーフローの脆弱性 X.Org Server (別名 xserver および xorg-server) の DRI2 エクステンションの ProcDRI2GetBuffers 関数には、整数オーバーフローの脆弱性が存在します。 CVE-2014-8094 75387 CVE-2014-8094 35314 6.5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-005971.html 2014-12-09 2015-06-04 View