Lucene search
UbuntuUSN-2338-1HistorySep 03, 2014 - 12:00 a.m.
Lua vulnerability
2014-09-0300:00:00
ubuntu.com
33
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
9.5
Confidence
High
EPSS
0.003
Percentile
69.9%
Releases
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- lua5.1 - Simple, extensible, embeddable programming language
Details
It was discovered that Lua incorrectly handled certain vararg functions
with a large number of fixed parameters. An attacker could use this issue
to cause Lua applications to crash, resulting in a denial of service, or
possibly execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 14.04 | noarch | liblua5.1-0 | < 5.1.5-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | liblua5.1-0-dbg | < 5.1.5-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | liblua5.1-0-dev | < 5.1.5-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | lua5.1 | < 5.1.5-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | liblua5.1-0 | < 5.1.4-12ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | liblua5.1-0-dbg | < 5.1.4-12ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | liblua5.1-0-dev | < 5.1.4-12ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | lua5.1 | < 5.1.4-12ubuntu1.1 | UNKNOWN |
References
Related
nessus
nessus
Oracle Solaris Third-Party Patch Update : lua (cve_2014_5461_buffer_errors)
2015-01-19 00:00:00
Debian DSA-3015-1 : lua5.1 - security update
2014-09-02 00:00:00
EulerOS 2.0 SP3 : lua (EulerOS-SA-2019-2629)
2019-12-18 00:00:00
nvd
nvd
CVE-2014-5461
2014-09-04 17:55:07
cvelist
cvelist
CVE-2014-5461
2014-09-04 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-402)
2015-09-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0414)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2020-1477)
2020-04-16 00:00:00
gentoo
gentoo
Lua: Buffer overflow
2017-01-23 00:00:00
Lua: Multiple Vulnerabilities
2023-05-03 00:00:00
osv
osv
lua5.2 - security update
2014-09-01 00:00:00
lua5.1 - security update
2014-09-01 00:00:00
lua5.1 - security update
2014-09-05 00:00:00
cve
cve
CVE-2014-5461
2014-09-04 17:55:07
mageia
mageia
Updated freeciv packages fix a security vulnerability
2015-01-21 20:15:23
Updated lua and lua5.1 packages fix security vulnerability
2014-10-23 17:27:57
debiancve
debiancve
CVE-2014-5461
2014-09-04 17:55:07
debian
debian
[SECURITY] [DLA 47-1] lua5.1 security update
2014-09-05 16:01:46
[SECURITY] [DSA 3015-1] lua5.1 security update
2014-09-01 19:02:43
[SECURITY] [DSA 3016-1] lua5.2 security update
2014-09-01 19:08:17
amazon
amazon
Medium: lua
2014-09-17 21:44:00
securityvulns
securityvulns
Lua buffer overflow
2014-09-03 00:00:00
[SECURITY] [DSA 3016-1] lua5.2 security update
2014-09-03 00:00:00
prion
prion
Buffer overflow
2014-09-04 17:55:00
ubuntucve
ubuntucve
CVE-2014-5461
2014-08-28 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
9.5
Confidence
High
EPSS
0.003
Percentile
69.9%
Related for USN-2338-1