Home > Vulnerability Database > CVE-2014-7913

Mend.io Vulnerability Database

CVE-2014-7913

Good to know:

Date: July 29, 2015

The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted message.

Language: C

Severity Score

5.6

Related Resources (6)

Url: https://security-tracker.debian.org/tracker/CVE-2014-7913

Url: https://nvd.nist.gov/vuln/detail/CVE-2014-7913

Url: http://www.securitytracker.com/id/1033124

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7913

Url: https://android.googlesource.com/platform/external/dhcpcd/+/73c09dd8067250734511d955d8f792b41c7213f0

Url: https://www.mend.io/vulnerability-database/CVE-2014-7913

Severity Score

5.6

Weakness Type (CWE)

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-119

CVSS v3.1

Base Score:	5.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	6.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2014-7913

Good to know:

Date: July 29, 2015

Language: C

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?