Lucene search

MitreCVE-2014-4909

HistoryJul 29, 2014 - 2:55 p.m.

CVE-2014-4909

2014-07-2914:55:07

CWE-189

mitre

web.nvd.nist.gov

cve-2014-4909

integer overflow

tr_bitfieldensurenthbitalloced function

bitfield.c

transmission

denial of service

execute arbitrary code

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.037

Percentile

91.9%

JSON

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

Affected configurations

Nvd

Node

canonicalubuntu_linuxMatch12.04-lts

canonicalubuntu_linuxMatch13.10

canonicalubuntu_linuxMatch14.04lts

fedoraprojectfedoraMatch20

gentoolinux

Node

transmissionbttransmissionRange≤2.83

transmissionbttransmissionMatch0.1

transmissionbttransmissionMatch0.2

transmissionbttransmissionMatch0.3

transmissionbttransmissionMatch0.4

transmissionbttransmissionMatch0.5

transmissionbttransmissionMatch0.6

transmissionbttransmissionMatch0.6.1

transmissionbttransmissionMatch0.70

transmissionbttransmissionMatch0.71

transmissionbttransmissionMatch0.72

transmissionbttransmissionMatch0.80

transmissionbttransmissionMatch0.81

transmissionbttransmissionMatch0.82

transmissionbttransmissionMatch0.90

transmissionbttransmissionMatch0.91

transmissionbttransmissionMatch0.92

transmissionbttransmissionMatch0.93

transmissionbttransmissionMatch0.94

transmissionbttransmissionMatch0.95

transmissionbttransmissionMatch0.96

transmissionbttransmissionMatch1.00

transmissionbttransmissionMatch1.01

transmissionbttransmissionMatch1.02

transmissionbttransmissionMatch1.2

transmissionbttransmissionMatch1.03

transmissionbttransmissionMatch1.04

transmissionbttransmissionMatch1.05

transmissionbttransmissionMatch1.06

transmissionbttransmissionMatch1.10

transmissionbttransmissionMatch1.11

transmissionbttransmissionMatch1.20

transmissionbttransmissionMatch1.21

transmissionbttransmissionMatch1.22

transmissionbttransmissionMatch1.30

transmissionbttransmissionMatch1.31

transmissionbttransmissionMatch1.32

transmissionbttransmissionMatch1.33

transmissionbttransmissionMatch1.34

transmissionbttransmissionMatch1.40

transmissionbttransmissionMatch1.41

transmissionbttransmissionMatch1.42

transmissionbttransmissionMatch1.50

transmissionbttransmissionMatch1.51

transmissionbttransmissionMatch1.52

transmissionbttransmissionMatch1.53

transmissionbttransmissionMatch1.54

transmissionbttransmissionMatch1.60

transmissionbttransmissionMatch1.61

transmissionbttransmissionMatch1.70

transmissionbttransmissionMatch1.71

transmissionbttransmissionMatch1.72

transmissionbttransmissionMatch1.73

transmissionbttransmissionMatch1.74

transmissionbttransmissionMatch1.75

transmissionbttransmissionMatch1.76

transmissionbttransmissionMatch1.77

transmissionbttransmissionMatch1.80

transmissionbttransmissionMatch1.81

transmissionbttransmissionMatch1.82

transmissionbttransmissionMatch1.83

transmissionbttransmissionMatch1.90

transmissionbttransmissionMatch1.91

transmissionbttransmissionMatch1.92

transmissionbttransmissionMatch1.93

transmissionbttransmissionMatch2.00

transmissionbttransmissionMatch2.01

transmissionbttransmissionMatch2.02

transmissionbttransmissionMatch2.03

transmissionbttransmissionMatch2.04

transmissionbttransmissionMatch2.10

transmissionbttransmissionMatch2.11

transmissionbttransmissionMatch2.12

transmissionbttransmissionMatch2.13

transmissionbttransmissionMatch2.20

transmissionbttransmissionMatch2.21

transmissionbttransmissionMatch2.22

transmissionbttransmissionMatch2.30

transmissionbttransmissionMatch2.31

transmissionbttransmissionMatch2.32

transmissionbttransmissionMatch2.33

transmissionbttransmissionMatch2.40

transmissionbttransmissionMatch2.41

transmissionbttransmissionMatch2.42

transmissionbttransmissionMatch2.50

transmissionbttransmissionMatch2.51

transmissionbttransmissionMatch2.52

transmissionbttransmissionMatch2.60

transmissionbttransmissionMatch2.61

transmissionbttransmissionMatch2.70

transmissionbttransmissionMatch2.71

transmissionbttransmissionMatch2.72

transmissionbttransmissionMatch2.73

transmissionbttransmissionMatch2.74

transmissionbttransmissionMatch2.75

transmissionbttransmissionMatch2.76

transmissionbttransmissionMatch2.77

transmissionbttransmissionMatch2.80

transmissionbttransmissionMatch2.81

transmissionbttransmissionMatch2.82

VendorProductVersionCPE
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
canonicalubuntu_linux13.10cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
fedoraprojectfedora20cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
gentoolinux*cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
transmissionbttransmission*cpe:2.3:a:transmissionbt:transmission:*:*:*:*:*:*:*:*
transmissionbttransmission0.1cpe:2.3:a:transmissionbt:transmission:0.1:*:*:*:*:*:*:*
transmissionbttransmission0.2cpe:2.3:a:transmissionbt:transmission:0.2:*:*:*:*:*:*:*
transmissionbttransmission0.3cpe:2.3:a:transmissionbt:transmission:0.3:*:*:*:*:*:*:*
transmissionbttransmission0.4cpe:2.3:a:transmissionbt:transmission:0.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
canonical	ubuntu_linux	12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:::::*
canonical	ubuntu_linux	13.10	cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*
canonical	ubuntu_linux	14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
fedoraproject	fedora	20	cpe:2.3:o:fedoraproject:fedora:20:::::::*
gentoo	linux	*	cpe:2.3:o:gentoo:linux::::::::
transmissionbt	transmission	*	cpe:2.3:a:transmissionbt:transmission::::::::
transmissionbt	transmission	0.1	cpe:2.3:a:transmissionbt:transmission:0.1:::::::*
transmissionbt	transmission	0.2	cpe:2.3:a:transmissionbt:transmission:0.2:::::::*
transmissionbt	transmission	0.3	cpe:2.3:a:transmissionbt:transmission:0.3:::::::*
transmissionbt	transmission	0.4	cpe:2.3:a:transmissionbt:transmission:0.4:::::::*