Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.

CPENameOperatorVersion
liblzo2lt2.07
lzo2lt2.07

CPE	Name	Operator	Version
	liblzo2	lt	2.07
	lzo2	lt	2.07

References

blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html

web.archive.org/web/20140701023922/www.oberhumer.com/opensource/lzo/

nessus 46

suse 2

openvas 49

mageia 14

veracode 1

osv 1

centos 1

fedora 15

securityvulns 2

debian 5

nvd 1

debiancve 1

redhat 2

f5 2

ibm 4

freebsd 1

cve 1

cvelist 1

ubuntu 1

amazon 1

oraclelinux 1

gentoo 2

ubuntucve 1

thn 1

nessus

Amazon Linux AMI : lzo (ALAS-2014-373)

2014-10-12 00:00:00

EulerOS 2.0 SP3 : grub2 (EulerOS-SA-2019-2011)

2019-09-24 00:00:00

EulerOS 2.0 SP2 : grub2 (EulerOS-SA-2019-1735)

2019-07-22 00:00:00

suse

Security update for lzo (important)

2014-07-16 19:04:17

Security update for lzo (important)

2014-07-31 19:04:17

openvas

Fedora Update for icecream FEDORA-2014-10468

2014-11-20 00:00:00

Fedora Update for lzo FEDORA-2014-7939

2014-10-13 00:00:00

Debian Security Advisory DSA 2995-1 (lzo2 - security update)

2014-08-03 00:00:00

mageia

Updated harbour package fixes security vulnerability

2014-08-27 03:04:56

Updated icecream package fixes security vulnerability

2014-08-27 03:04:56

Updated blender package fixes CVE-2014-4607

2014-09-01 14:44:17

veracode

Remote Code Execution (RCE)

2020-12-11 09:20:29

osv

lzo2 - security update

2014-08-03 00:00:00

centos

lzo security update

2014-07-09 12:38:49

fedora

[SECURITY] Fedora 19 Update: lzo-2.08-1.fc19

2014-10-12 13:56:23

[SECURITY] Fedora 19 Update: icecream-1.0.1-8.20140822git.fc19

2014-11-19 15:58:47

[SECURITY] Fedora 21 Update: dump-0.4-0.24.b44.fc21

2015-02-25 13:29:41

securityvulns

liblzo integer overflow

2014-07-22 00:00:00

[ MDVSA-2014:134 ] liblzo

2014-07-22 00:00:00

debian

[SECURITY] [DSA 2995-1] lzo2 security update

2014-08-03 07:37:56

[SECURITY] [DSA 2995-1] lzo2 security update

2014-08-03 07:37:56

[DLA 35-1] lzo2 security update

2014-08-11 16:38:42

nvd

CVE-2014-4607

2020-02-12 14:15:10

debiancve

CVE-2014-4607

2020-02-12 14:15:10

redhat

(RHSA-2014:0861) Moderate: lzo security update

2014-07-09 00:00:00

(RHSA-2014:0979) Moderate: rhev-hypervisor6 security and bug fix update

2014-07-29 00:00:00

SOL95698826 - LZO vulnerability CVE-2014-4607

2016-02-03 00:00:00

K95698826 : LZO vulnerability CVE-2014-4607

2016-02-04 00:00:00

ibm

Security Bulletin: A busybox vulnerability affects IBM DataPower Gateways (CVE-2014-4607)

2018-06-15 07:06:27

Security Bulletin: Vulnerabilities in busybox affect IBM Security Network Protection (CVE-2014-4607, and CVE-2014-9645 )

2018-06-16 21:46:13

Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in busybox, arpwatch, apr, acpid, augeas, firefox, ctdb.

2021-12-15 07:41:22

freebsd

krfb -- Possible Denial of Service or code execution via integer overflow

2014-08-03 00:00:00

cve

CVE-2014-4607

2020-02-12 14:15:10

cvelist

CVE-2014-4607

2020-02-12 13:49:35

ubuntu

LZO vulnerability

2014-07-24 00:00:00

amazon

Medium: lzo

2014-07-09 16:45:00

oraclelinux

lzo security update

2014-07-09 00:00:00

gentoo

LZO: Multiple vulnerabilities

2017-01-02 00:00:00

BusyBox: Multiple vulnerabilities

2015-03-29 00:00:00

ubuntucve

CVE-2014-4607

2014-07-09 00:00:00

thn

20-Year Old Vulnerability in LZO Compression Algorithm Went to Planet Mars

2014-06-27 05:43:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.3 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.8%

JSON

Related for PRION:CVE-2014-4607