ALT-PU-2015-2136-1
Closed vulnerabilities
Published: 2017-10-10
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-9474
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.
Severity: CRITICAL (9.8)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- FEDORA-2014-16967
- FEDORA-2014-16967
- FEDORA-2014-16964
- FEDORA-2014-16964
- http://www.mpfr.org/mpfr-3.1.2/patch11
- http://www.mpfr.org/mpfr-3.1.2/patch11
- [oss-security] 20150103 Re: CVE request: mpfr: buffer overflow in mpfr_strtofr
- [oss-security] 20150103 Re: CVE request: mpfr: buffer overflow in mpfr_strtofr
- 71542
- 71542
- https://bugzilla.redhat.com/show_bug.cgi?id=1171701
- https://bugzilla.redhat.com/show_bug.cgi?id=1171701
- https://gforge.inria.fr/scm/viewvc.php/mpfr?revision=9243&view=revision
- https://gforge.inria.fr/scm/viewvc.php/mpfr?revision=9243&view=revision
- [gmp-bugs] 20131216 out-of-bound write
- [gmp-bugs] 20131216 out-of-bound write
- GLSA-201512-06
- GLSA-201512-06