Lucene search
CertccCVELIST:CVE-2014-4859HistoryJan 31, 2020 - 3:08 p.m.
CVE-2014-4859
2020-01-3115:08:20
certcc
www.cve.org
2
Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data.
CNA Affected
[
{
"product": "SCT3",
"vendor": "Phoenix Technologies Ltd.",
"versions": [
{
"status": "affected",
"version": "before 5/23/2014"
}
]
},
{
"product": "BIOS",
"vendor": "American Megatrends Incorporated (AMI)",
"versions": [
{
"status": "affected",
"version": "unknown"
}
]
}
]References
Related
prion
prion
Integer overflow
2020-01-31 16:15:00
nvd
nvd
CVE-2014-4859
2020-01-31 16:15:10
cve
cve
CVE-2014-4859
2020-01-31 16:15:10
ubuntucve
ubuntucve
CVE-2014-4859
2020-01-31 00:00:00
debiancve
debiancve
CVE-2014-4859
2020-01-31 16:15:10
securityvulns
securityvulns
[security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code
2014-08-11 00:00:00
HP desktops and notebooks code execution
2014-08-11 00:00:00
f5
f5
lenovo
lenovo
UEFI EDK2 Capsule Update Vulnerabilities
2016-07-22 00:00:00
UEFI EDK2 Capsule Update Vulnerabilities - Lenovo Support US
2016-07-22 00:00:00
cert
cert
UEFI EDK2 Capsule Update vulnerabilities
2014-08-07 00:00:00