Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    10 vulnerabilities found for unrtf by unrtf_project

    CVE-2025-65411 (GCVE-0-2025-65411)

    Vulnerability from nvd – Published: 2025-12-30 00:00 – Updated: 2026-01-02 18:09
    VLAI
    Summary
    A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65411",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-02T16:18:39.823512Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-476",
                    "description": "CWE-476 NULL Pointer Dereference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-02T18:09:28.347Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/MAXEUR5/Vulnerability_Disclosures/blob/main/2025/CVE-2025-65411.md"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-30T17:39:43.714Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.gnu.org/software/unrtf/"
            },
            {
              "url": "https://savannah.gnu.org/projects/unrtf/"
            },
            {
              "url": "https://lists.gnu.org/archive/html/bug-unrtf/2025-11/msg00000.html"
            },
            {
              "url": "https://sources.debian.org/src/unrtf/0.21.10-clean-1/src/main.c/#L661"
            },
            {
              "url": "https://github.com/MAXEUR5/Vulnerability_Disclosures/blob/main/2025/CVE-2025-65411.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-65411",
        "datePublished": "2025-12-30T00:00:00.000Z",
        "dateReserved": "2025-11-18T00:00:00.000Z",
        "dateUpdated": "2026-01-02T18:09:28.347Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-65410 (GCVE-0-2025-65410)

    Vulnerability from nvd – Published: 2025-12-23 00:00 – Updated: 2025-12-30 17:42
    VLAI
    Summary
    A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.2,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65410",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-23T18:55:38.913694Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-23T18:57:00.481Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-30T17:42:46.577Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.gnu.org/software/unrtf/"
            },
            {
              "url": "https://lists.gnu.org/archive/html/bug-unrtf/2025-11/msg00001.html"
            },
            {
              "url": "https://savannah.gnu.org/projects/unrtf/"
            },
            {
              "url": "https://hg.savannah.gnu.org/hgweb/unrtf/rev/a5d3b025a8b1"
            },
            {
              "url": "https://github.com/MAXEUR5/Vulnerability_Disclosures/blob/main/2025/CVE-2025-65410.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-65410",
        "datePublished": "2025-12-23T00:00:00.000Z",
        "dateReserved": "2025-11-18T00:00:00.000Z",
        "dateUpdated": "2025-12-30T17:42:46.577Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2016-10091 (GCVE-0-2016-10091)

    Vulnerability from nvd – Published: 2017-04-21 15:00 – Updated: 2024-08-06 03:07
    VLAI
    Summary
    Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2016-12-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T03:07:32.082Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406"
              },
              {
                "name": "95173",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95173"
              },
              {
                "name": "[oss-security] 20161231 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/12/31/3"
              },
              {
                "name": "[oss-security] 20170101 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2017/01/01/1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409546"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-12-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-21T14:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406"
            },
            {
              "name": "95173",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95173"
            },
            {
              "name": "[oss-security] 20161231 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/12/31/3"
            },
            {
              "name": "[oss-security] 20170101 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2017/01/01/1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409546"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2016-10091",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406",
                  "refsource": "CONFIRM",
                  "url": "http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406"
                },
                {
                  "name": "95173",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95173"
                },
                {
                  "name": "[oss-security] 20161231 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/12/31/3"
                },
                {
                  "name": "[oss-security] 20170101 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2017/01/01/1"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1409546",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409546"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2016-10091",
        "datePublished": "2017-04-21T15:00:00.000Z",
        "dateReserved": "2016-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-06T03:07:32.082Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-9275 (GCVE-0-2014-9275)

    Vulnerability from nvd – Published: 2014-12-09 22:52 – Updated: 2024-08-06 13:40
    VLAI
    Summary
    UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://advisories.mageia.org/MGASA-2014-0533.html x_refsource_CONFIRM
    http://secunia.com/advisories/62811 third-party-advisoryx_refsource_SECUNIA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.openwall.com/lists/oss-security/2014/1… mailing-listx_refsource_MLIST
    http://www.openwall.com/lists/oss-security/2014/12/03/4 mailing-listx_refsource_MLIST
    http://www.debian.org/security/2015/dsa-3158 vendor-advisoryx_refsource_DEBIAN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/bid/71506 vdb-entryx_refsource_BID
    https://security.gentoo.org/glsa/201507-06 vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=1170233 x_refsource_CONFIRM
    Date Public
    2014-11-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T13:40:24.907Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
              },
              {
                "name": "62811",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/62811"
              },
              {
                "name": "FEDORA-2014-17281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
              },
              {
                "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
              },
              {
                "name": "[oss-security] 20141203 CVE request: out-of-bounds memory access flaw in unrtf",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/12/03/4"
              },
              {
                "name": "DSA-3158",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3158"
              },
              {
                "name": "MDVSA-2015:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
              },
              {
                "name": "71506",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/71506"
              },
              {
                "name": "GLSA-201507-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201507-06"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-11-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-20T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
            },
            {
              "name": "62811",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/62811"
            },
            {
              "name": "FEDORA-2014-17281",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
            },
            {
              "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
            },
            {
              "name": "[oss-security] 20141203 CVE request: out-of-bounds memory access flaw in unrtf",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/12/03/4"
            },
            {
              "name": "DSA-3158",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3158"
            },
            {
              "name": "MDVSA-2015:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
            },
            {
              "name": "71506",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/71506"
            },
            {
              "name": "GLSA-201507-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201507-06"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-9275",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://advisories.mageia.org/MGASA-2014-0533.html",
                  "refsource": "CONFIRM",
                  "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
                },
                {
                  "name": "62811",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/62811"
                },
                {
                  "name": "FEDORA-2014-17281",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
                },
                {
                  "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
                },
                {
                  "name": "[oss-security] 20141203 CVE request: out-of-bounds memory access flaw in unrtf",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/12/03/4"
                },
                {
                  "name": "DSA-3158",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3158"
                },
                {
                  "name": "MDVSA-2015:007",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
                },
                {
                  "name": "71506",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/71506"
                },
                {
                  "name": "GLSA-201507-06",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201507-06"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-9275",
        "datePublished": "2014-12-09T22:52:00.000Z",
        "dateReserved": "2014-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-06T13:40:24.907Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-9274 (GCVE-0-2014-9274)

    Vulnerability from nvd – Published: 2014-12-09 22:52 – Updated: 2024-08-06 13:40
    VLAI
    Summary
    UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://advisories.mageia.org/MGASA-2014-0533.html x_refsource_CONFIRM
    http://secunia.com/advisories/62811 third-party-advisoryx_refsource_SECUNIA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.openwall.com/lists/oss-security/2014/1… mailing-listx_refsource_MLIST
    http://www.debian.org/security/2015/dsa-3158 vendor-advisoryx_refsource_DEBIAN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/bid/71430 vdb-entryx_refsource_BID
    https://lists.gnu.org/archive/html/bug-unrtf/2014… mailing-listx_refsource_MLIST
    https://security.gentoo.org/glsa/201507-06 vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=1170233 x_refsource_CONFIRM
    Date Public
    2014-11-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T13:40:24.592Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
              },
              {
                "name": "62811",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/62811"
              },
              {
                "name": "FEDORA-2014-17281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
              },
              {
                "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
              },
              {
                "name": "DSA-3158",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3158"
              },
              {
                "name": "MDVSA-2015:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
              },
              {
                "name": "71430",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/71430"
              },
              {
                "name": "[bug-unrtf] 20141124 out-of-bounds memory access in unrtf",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html"
              },
              {
                "name": "GLSA-201507-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201507-06"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-11-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string \"{\\cb-999999999\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-20T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
            },
            {
              "name": "62811",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/62811"
            },
            {
              "name": "FEDORA-2014-17281",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
            },
            {
              "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
            },
            {
              "name": "DSA-3158",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3158"
            },
            {
              "name": "MDVSA-2015:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
            },
            {
              "name": "71430",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/71430"
            },
            {
              "name": "[bug-unrtf] 20141124 out-of-bounds memory access in unrtf",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html"
            },
            {
              "name": "GLSA-201507-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201507-06"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-9274",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string \"{\\cb-999999999\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://advisories.mageia.org/MGASA-2014-0533.html",
                  "refsource": "CONFIRM",
                  "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
                },
                {
                  "name": "62811",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/62811"
                },
                {
                  "name": "FEDORA-2014-17281",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
                },
                {
                  "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
                },
                {
                  "name": "DSA-3158",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3158"
                },
                {
                  "name": "MDVSA-2015:007",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
                },
                {
                  "name": "71430",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/71430"
                },
                {
                  "name": "[bug-unrtf] 20141124 out-of-bounds memory access in unrtf",
                  "refsource": "MLIST",
                  "url": "https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html"
                },
                {
                  "name": "GLSA-201507-06",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201507-06"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-9274",
        "datePublished": "2014-12-09T22:52:00.000Z",
        "dateReserved": "2014-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-06T13:40:24.592Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-65411 (GCVE-0-2025-65411)

    Vulnerability from cvelistv5 – Published: 2025-12-30 00:00 – Updated: 2026-01-02 18:09
    VLAI
    Summary
    A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65411",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-02T16:18:39.823512Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-476",
                    "description": "CWE-476 NULL Pointer Dereference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-02T18:09:28.347Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/MAXEUR5/Vulnerability_Disclosures/blob/main/2025/CVE-2025-65411.md"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-30T17:39:43.714Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.gnu.org/software/unrtf/"
            },
            {
              "url": "https://savannah.gnu.org/projects/unrtf/"
            },
            {
              "url": "https://lists.gnu.org/archive/html/bug-unrtf/2025-11/msg00000.html"
            },
            {
              "url": "https://sources.debian.org/src/unrtf/0.21.10-clean-1/src/main.c/#L661"
            },
            {
              "url": "https://github.com/MAXEUR5/Vulnerability_Disclosures/blob/main/2025/CVE-2025-65411.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-65411",
        "datePublished": "2025-12-30T00:00:00.000Z",
        "dateReserved": "2025-11-18T00:00:00.000Z",
        "dateUpdated": "2026-01-02T18:09:28.347Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-65410 (GCVE-0-2025-65410)

    Vulnerability from cvelistv5 – Published: 2025-12-23 00:00 – Updated: 2025-12-30 17:42
    VLAI
    Summary
    A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.2,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65410",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-23T18:55:38.913694Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-23T18:57:00.481Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-30T17:42:46.577Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.gnu.org/software/unrtf/"
            },
            {
              "url": "https://lists.gnu.org/archive/html/bug-unrtf/2025-11/msg00001.html"
            },
            {
              "url": "https://savannah.gnu.org/projects/unrtf/"
            },
            {
              "url": "https://hg.savannah.gnu.org/hgweb/unrtf/rev/a5d3b025a8b1"
            },
            {
              "url": "https://github.com/MAXEUR5/Vulnerability_Disclosures/blob/main/2025/CVE-2025-65410.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-65410",
        "datePublished": "2025-12-23T00:00:00.000Z",
        "dateReserved": "2025-11-18T00:00:00.000Z",
        "dateUpdated": "2025-12-30T17:42:46.577Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2016-10091 (GCVE-0-2016-10091)

    Vulnerability from cvelistv5 – Published: 2017-04-21 15:00 – Updated: 2024-08-06 03:07
    VLAI
    Summary
    Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2016-12-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T03:07:32.082Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406"
              },
              {
                "name": "95173",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95173"
              },
              {
                "name": "[oss-security] 20161231 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/12/31/3"
              },
              {
                "name": "[oss-security] 20170101 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2017/01/01/1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409546"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-12-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-21T14:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406"
            },
            {
              "name": "95173",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95173"
            },
            {
              "name": "[oss-security] 20161231 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/12/31/3"
            },
            {
              "name": "[oss-security] 20170101 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2017/01/01/1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409546"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2016-10091",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406",
                  "refsource": "CONFIRM",
                  "url": "http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406"
                },
                {
                  "name": "95173",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95173"
                },
                {
                  "name": "[oss-security] 20161231 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/12/31/3"
                },
                {
                  "name": "[oss-security] 20170101 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2017/01/01/1"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1409546",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409546"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2016-10091",
        "datePublished": "2017-04-21T15:00:00.000Z",
        "dateReserved": "2016-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-06T03:07:32.082Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-9274 (GCVE-0-2014-9274)

    Vulnerability from cvelistv5 – Published: 2014-12-09 22:52 – Updated: 2024-08-06 13:40
    VLAI
    Summary
    UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://advisories.mageia.org/MGASA-2014-0533.html x_refsource_CONFIRM
    http://secunia.com/advisories/62811 third-party-advisoryx_refsource_SECUNIA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.openwall.com/lists/oss-security/2014/1… mailing-listx_refsource_MLIST
    http://www.debian.org/security/2015/dsa-3158 vendor-advisoryx_refsource_DEBIAN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/bid/71430 vdb-entryx_refsource_BID
    https://lists.gnu.org/archive/html/bug-unrtf/2014… mailing-listx_refsource_MLIST
    https://security.gentoo.org/glsa/201507-06 vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=1170233 x_refsource_CONFIRM
    Date Public
    2014-11-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T13:40:24.592Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
              },
              {
                "name": "62811",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/62811"
              },
              {
                "name": "FEDORA-2014-17281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
              },
              {
                "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
              },
              {
                "name": "DSA-3158",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3158"
              },
              {
                "name": "MDVSA-2015:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
              },
              {
                "name": "71430",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/71430"
              },
              {
                "name": "[bug-unrtf] 20141124 out-of-bounds memory access in unrtf",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html"
              },
              {
                "name": "GLSA-201507-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201507-06"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-11-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string \"{\\cb-999999999\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-20T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
            },
            {
              "name": "62811",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/62811"
            },
            {
              "name": "FEDORA-2014-17281",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
            },
            {
              "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
            },
            {
              "name": "DSA-3158",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3158"
            },
            {
              "name": "MDVSA-2015:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
            },
            {
              "name": "71430",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/71430"
            },
            {
              "name": "[bug-unrtf] 20141124 out-of-bounds memory access in unrtf",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html"
            },
            {
              "name": "GLSA-201507-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201507-06"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-9274",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string \"{\\cb-999999999\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://advisories.mageia.org/MGASA-2014-0533.html",
                  "refsource": "CONFIRM",
                  "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
                },
                {
                  "name": "62811",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/62811"
                },
                {
                  "name": "FEDORA-2014-17281",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
                },
                {
                  "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
                },
                {
                  "name": "DSA-3158",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3158"
                },
                {
                  "name": "MDVSA-2015:007",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
                },
                {
                  "name": "71430",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/71430"
                },
                {
                  "name": "[bug-unrtf] 20141124 out-of-bounds memory access in unrtf",
                  "refsource": "MLIST",
                  "url": "https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html"
                },
                {
                  "name": "GLSA-201507-06",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201507-06"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-9274",
        "datePublished": "2014-12-09T22:52:00.000Z",
        "dateReserved": "2014-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-06T13:40:24.592Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-9275 (GCVE-0-2014-9275)

    Vulnerability from cvelistv5 – Published: 2014-12-09 22:52 – Updated: 2024-08-06 13:40
    VLAI
    Summary
    UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://advisories.mageia.org/MGASA-2014-0533.html x_refsource_CONFIRM
    http://secunia.com/advisories/62811 third-party-advisoryx_refsource_SECUNIA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.openwall.com/lists/oss-security/2014/1… mailing-listx_refsource_MLIST
    http://www.openwall.com/lists/oss-security/2014/12/03/4 mailing-listx_refsource_MLIST
    http://www.debian.org/security/2015/dsa-3158 vendor-advisoryx_refsource_DEBIAN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/bid/71506 vdb-entryx_refsource_BID
    https://security.gentoo.org/glsa/201507-06 vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=1170233 x_refsource_CONFIRM
    Date Public
    2014-11-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T13:40:24.907Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
              },
              {
                "name": "62811",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/62811"
              },
              {
                "name": "FEDORA-2014-17281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
              },
              {
                "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
              },
              {
                "name": "[oss-security] 20141203 CVE request: out-of-bounds memory access flaw in unrtf",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/12/03/4"
              },
              {
                "name": "DSA-3158",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3158"
              },
              {
                "name": "MDVSA-2015:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
              },
              {
                "name": "71506",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/71506"
              },
              {
                "name": "GLSA-201507-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201507-06"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-11-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-20T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
            },
            {
              "name": "62811",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/62811"
            },
            {
              "name": "FEDORA-2014-17281",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
            },
            {
              "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
            },
            {
              "name": "[oss-security] 20141203 CVE request: out-of-bounds memory access flaw in unrtf",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/12/03/4"
            },
            {
              "name": "DSA-3158",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3158"
            },
            {
              "name": "MDVSA-2015:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
            },
            {
              "name": "71506",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/71506"
            },
            {
              "name": "GLSA-201507-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201507-06"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-9275",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://advisories.mageia.org/MGASA-2014-0533.html",
                  "refsource": "CONFIRM",
                  "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
                },
                {
                  "name": "62811",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/62811"
                },
                {
                  "name": "FEDORA-2014-17281",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
                },
                {
                  "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
                },
                {
                  "name": "[oss-security] 20141203 CVE request: out-of-bounds memory access flaw in unrtf",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/12/03/4"
                },
                {
                  "name": "DSA-3158",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3158"
                },
                {
                  "name": "MDVSA-2015:007",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
                },
                {
                  "name": "71506",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/71506"
                },
                {
                  "name": "GLSA-201507-06",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201507-06"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-9275",
        "datePublished": "2014-12-09T22:52:00.000Z",
        "dateReserved": "2014-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-06T13:40:24.907Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }