fkie_nvd - fkie_cve-2014-4909

FKIE_CVE-2014-4909

Vulnerability from fkie_nvd - Published: 2014-07-29 14:55 - Updated: 2025-04-12 10:46

Severity ?

Summary

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

References

URL	Tags
cve@mitre.org	http://inertiawar.com/submission.go	Exploit
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html
cve@mitre.org	http://secunia.com/advisories/59897
cve@mitre.org	http://secunia.com/advisories/60108
cve@mitre.org	http://secunia.com/advisories/60527
cve@mitre.org	http://www.debian.org/security/2014/dsa-2988
cve@mitre.org	http://www.openwall.com/lists/oss-security/2014/07/10/4
cve@mitre.org	http://www.openwall.com/lists/oss-security/2014/07/11/5
cve@mitre.org	http://www.osvdb.org/108997
cve@mitre.org	http://www.securityfocus.com/bid/68487
cve@mitre.org	http://www.ubuntu.com/usn/USN-2279-1
cve@mitre.org	https://bugs.gentoo.org/show_bug.cgi?id=516822
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=1118290
cve@mitre.org	https://trac.transmissionbt.com/wiki/Changes#version-2.84	Vendor Advisory
cve@mitre.org	https://twitter.com/benhawkes/statuses/484378151959539712
af854a3a-2127-422b-91ae-364da2661108	http://inertiawar.com/submission.go	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59897
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60108
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60527
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2014/dsa-2988
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/07/10/4
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/07/11/5
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/108997
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/68487
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2279-1
af854a3a-2127-422b-91ae-364da2661108	https://bugs.gentoo.org/show_bug.cgi?id=516822
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1118290
af854a3a-2127-422b-91ae-364da2661108	https://trac.transmissionbt.com/wiki/Changes#version-2.84	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://twitter.com/benhawkes/statuses/484378151959539712

Impacted products

Vendor	Product	Version
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	13.10
canonical	ubuntu_linux	14.04
fedoraproject	fedora	20
gentoo	linux	*
transmissionbt	transmission	*
transmissionbt	transmission	0.1
transmissionbt	transmission	0.2
transmissionbt	transmission	0.3
transmissionbt	transmission	0.4
transmissionbt	transmission	0.5
transmissionbt	transmission	0.6
transmissionbt	transmission	0.6.1
transmissionbt	transmission	0.70
transmissionbt	transmission	0.71
transmissionbt	transmission	0.72
transmissionbt	transmission	0.80
transmissionbt	transmission	0.81
transmissionbt	transmission	0.82
transmissionbt	transmission	0.90
transmissionbt	transmission	0.91
transmissionbt	transmission	0.92
transmissionbt	transmission	0.93
transmissionbt	transmission	0.94
transmissionbt	transmission	0.95
transmissionbt	transmission	0.96
transmissionbt	transmission	1.00
transmissionbt	transmission	1.01
transmissionbt	transmission	1.02
transmissionbt	transmission	1.2
transmissionbt	transmission	1.03
transmissionbt	transmission	1.04
transmissionbt	transmission	1.05
transmissionbt	transmission	1.06
transmissionbt	transmission	1.10
transmissionbt	transmission	1.11
transmissionbt	transmission	1.20
transmissionbt	transmission	1.21
transmissionbt	transmission	1.22
transmissionbt	transmission	1.30
transmissionbt	transmission	1.31
transmissionbt	transmission	1.32
transmissionbt	transmission	1.33
transmissionbt	transmission	1.34
transmissionbt	transmission	1.40
transmissionbt	transmission	1.41
transmissionbt	transmission	1.42
transmissionbt	transmission	1.50
transmissionbt	transmission	1.51
transmissionbt	transmission	1.52
transmissionbt	transmission	1.53
transmissionbt	transmission	1.54
transmissionbt	transmission	1.60
transmissionbt	transmission	1.61
transmissionbt	transmission	1.70
transmissionbt	transmission	1.71
transmissionbt	transmission	1.72
transmissionbt	transmission	1.73
transmissionbt	transmission	1.74
transmissionbt	transmission	1.75
transmissionbt	transmission	1.76
transmissionbt	transmission	1.77
transmissionbt	transmission	1.80
transmissionbt	transmission	1.81
transmissionbt	transmission	1.82
transmissionbt	transmission	1.83
transmissionbt	transmission	1.90
transmissionbt	transmission	1.91
transmissionbt	transmission	1.92
transmissionbt	transmission	1.93
transmissionbt	transmission	2.00
transmissionbt	transmission	2.01
transmissionbt	transmission	2.02
transmissionbt	transmission	2.03
transmissionbt	transmission	2.04
transmissionbt	transmission	2.10
transmissionbt	transmission	2.11
transmissionbt	transmission	2.12
transmissionbt	transmission	2.13
transmissionbt	transmission	2.20
transmissionbt	transmission	2.21
transmissionbt	transmission	2.22
transmissionbt	transmission	2.30
transmissionbt	transmission	2.31
transmissionbt	transmission	2.32
transmissionbt	transmission	2.33
transmissionbt	transmission	2.40
transmissionbt	transmission	2.41
transmissionbt	transmission	2.42
transmissionbt	transmission	2.50
transmissionbt	transmission	2.51
transmissionbt	transmission	2.52
transmissionbt	transmission	2.60
transmissionbt	transmission	2.61
transmissionbt	transmission	2.70
transmissionbt	transmission	2.71
transmissionbt	transmission	2.72
transmissionbt	transmission	2.73
transmissionbt	transmission	2.74
transmissionbt	transmission	2.75
transmissionbt	transmission	2.76
transmissionbt	transmission	2.77
transmissionbt	transmission	2.80
transmissionbt	transmission	2.81
transmissionbt	transmission	2.82

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
              "matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA96D9A5-ECB7-451A-9EBC-B99149C0455E",
              "versionEndIncluding": "2.83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF93408-3A3D-4FD8-A857-C7A872964D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE58C6BE-513E-458F-9A74-F037F287D415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B877F9A-C73B-4B81-9E5C-B92E7C080E7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F9AE0C3-5609-42C5-A08E-C299ECEE82E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "135D1D2D-4A9F-4EBB-9D50-92B25DC60879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "040D1568-6213-4A5C-99D5-AB4ECAF345A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8240A86D-3B9A-4128-9645-331A18C16C4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "48B583C2-48AD-4EC9-AA64-9FCBF7840AE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "01489B59-895D-45AA-846E-521961E7C0DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C8E851-6FE0-469B-BA93-B5E46CEA9DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD7165AE-5A4D-4FDD-95BF-5D2754778FE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.81:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE9CFEEC-E2F4-456E-A7AE-94F822A0F333",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.82:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE49E40-8F91-4885-8F46-9E038E978563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A43CB7E-0126-46EA-BEB6-8C1AB1E5AC1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E04D86-17AA-4777-AD8C-FF62477767EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "9587577D-CEFD-4E92-A667-B40357FBFF04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDD24F7-412D-4922-B803-23D53F95FBDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "73E89FF5-FC50-4F90-8419-8D2F941FA42E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA3795D4-AC23-4F9F-B6B4-5BD429BCAE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:0.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "06444C9C-252E-4303-9BCA-B2C0332B04A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB85CAB-5987-4066-BB78-8B71A7E3510F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "630B75D1-9E59-4EBE-8D53-BE4893F62774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D72BD649-9E99-425D-BC95-C54FB15AEFF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "105E1FA8-08AE-477E-B7F2-68BCDE6EEA42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "F076D056-0292-40F7-A50C-8B13922A3C47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6F3AEA3-C68A-4A76-8BFC-52CAF4C91106",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2928593-E0E1-429E-A67F-B5A61E8E5199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D2CFA06-5B3B-40BC-8D2F-450408A0E616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C46E575-274E-43F9-B815-BC1F3C29552A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "62611674-01EB-4AB3-90E5-CF22935E3DF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E151076-5286-4FBF-B53C-28F5D9D41566",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A583FF8-E8A5-48AB-AE2F-D7F64BE9F9A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B90969C1-C1A4-4C3B-9313-56E1985DCD2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7BC6E21-3766-4D78-9F44-5EFDCD5F38D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "70E61E47-D922-4219-A220-153EA38E7A8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "D13E7B38-B905-4048-A75B-1AA3A28A49F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "421BD25F-E03F-41DA-8E81-444DE5C5622A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E6A7241-50D3-4E5E-8FEA-6BF600E5E4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DC0548-67E2-474C-AF06-9101DF378484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4B2A9F0-BE57-4846-BD7C-C2A39FF7E5A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCD404C1-CDD6-4118-8FCE-905C401FD3F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "C570DD0B-CB0D-4451-AC24-47853DCE4E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "8976E88E-6F6C-4E77-87A4-8F1AAA854C7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "C53FAA2E-0DA8-4E61-A27F-B3A163664848",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07949FB-2E87-4B8A-B7E2-60444ED696B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EE2FA6F-B00F-487E-ADAA-B1D143EC0E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "91A94B6D-5A85-413D-AE62-BF3AA92DF907",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CCE11DA-4DA7-4514-B36B-31CA63152C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E760518-A52C-4A3F-83FB-ACCA48B7923F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A781F17-EF6E-45F5-9839-36C026CF9CD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A55EC6-EECB-4804-9F67-02F21A7BFB51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "F55CA862-6178-4FEC-A122-6A62885D29EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F8B086-2248-415B-8021-C9C94A4E2FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D9C12FB-48A9-441A-9FA1-CBAB73F2F58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8B75889-EBAC-445A-A533-BA3C1364221E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "D208640B-D2E6-46A3-BBC7-9C0762936539",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "216E8246-8E7B-4EAB-9452-E56AAE16765A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.81:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC4F3F54-2AE0-46B3-97E4-39696C1AE6C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.82:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DA16CCA-ABED-402E-9EE1-454B8E120892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA75982-D35A-42FA-A2E9-928AD9FE9CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EFB745A-88F7-4A47-9A44-8711E3606E08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFAC0FAB-F158-4E2F-B7AC-FFE63BA565D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF4D6A2-DBC1-49EE-9638-A3A22511CB5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:1.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DB6C12-279A-4B0A-BE64-144AD038524A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BDDD4AD-C0C8-4FDA-97E7-F1395340AFBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "22C27354-98E7-47D2-95CB-FF59963F24EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E94CFB0-5945-4A0A-A40B-BB8ABDC6911A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F21460D-70BE-4F66-BEA7-C6700310F8A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "C44CFB78-950B-4354-BF51-B4DE70723F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "812C82F6-EB76-43D0-8EA6-E917FE544139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "943A3E15-3069-4B55-90F9-A36EB82E1FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "090E313A-9FD2-4D07-9D41-FE9450E12110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "71E3FEC6-9C1D-4975-9B29-1510587416D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "952EBA2A-DCEC-41F0-A5D6-4EDC18DCBFDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A6D8E86-B710-4C18-BCAD-81A6CAEC5DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52C0634-FBC2-47CF-B1FA-E3E873D8AB84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B4DB35-A633-4D6C-928A-FB016CF87A9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA5759E-A7DC-48B0-8BEA-616D5615FE5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "8420D18C-D4D5-4FB6-A5B2-F4DD3286C99D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "160BE257-6A76-411E-8E5D-E5CA65C2B891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE182574-8650-4A4A-91F0-5D1497D1ADA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "8465A93C-2761-4DE8-A0B8-BF54912EC132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "5487F402-49C4-4DB3-92CA-5B40E760AE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "98ABCA8A-AFE4-48F0-842C-27C4D45EDAB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD4B602-A244-4410-BD90-57B4F7FE4668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "801EE163-E97C-4D5D-A4AB-F62DDFE2A593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0C4E83F-83C6-4A48-BEAD-0F9EB737F94C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "C261E066-B709-42AA-93C1-47044B499AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C45D85-7F72-4D5B-8581-3E038864822E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "831C74DF-AEDE-4EFD-95F8-9141E57614C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EB76BC4-93D9-4581-B8D3-219C9EB4F942",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0BD93C6-8843-4E4D-9422-2D5DEA7FA6D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "B24A7721-761E-426D-AE73-DFADAF05F97E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFF3E6EC-9B6C-4807-98FD-44F90B86050D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A926CB5-3725-4A54-9514-6BD23AF7B92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "C211F634-B961-4FC9-A872-2E105C4711D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D2E218-A1BE-4A58-B058-55C71A0A69D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.81:*:*:*:*:*:*:*",
              "matchCriteriaId": "B16BB981-16DE-4B15-9585-6C67E7CF0158",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:transmissionbt:transmission:2.82:*:*:*:*:*:*:*",
              "matchCriteriaId": "6155BB7F-8D08-4B18-BC0D-F3E438EBF6E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de enteros en la funci\u00f3n tr_bitfieldEnsureNthBitAlloced en bitfield.c en Transmission anterior a 2.84 permite a atacantes remotos causar una denegaci\u00f3n de servicios y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un mensaje de par manipulado, lo que provoca una escritura fuera de rango."
    }
  ],
  "id": "CVE-2014-4909",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-07-29T14:55:07.703",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://inertiawar.com/submission.go"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/59897"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/60108"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/60527"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2014/dsa-2988"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2014/07/10/4"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2014/07/11/5"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/108997"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/68487"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-2279-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=516822"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118290"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://trac.transmissionbt.com/wiki/Changes#version-2.84"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://twitter.com/benhawkes/statuses/484378151959539712"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://inertiawar.com/submission.go"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60527"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-2988"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2014/07/10/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2014/07/11/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/108997"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/68487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2279-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=516822"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118290"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://trac.transmissionbt.com/wiki/Changes#version-2.84"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://twitter.com/benhawkes/statuses/484378151959539712"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2014-4909 (GCVE-0-2014-4909)

Vulnerability from cvelistv5 – Published: 2014-07-29 14:00 – Updated: 2024-08-06 11:27

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	https://trac.transmissionbt.com/wiki/Changes#vers…	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2014/07/10/4	mailing-listx_refsource_MLIST
	http://www.securityfocus.com/bid/68487	vdb-entryx_refsource_BID
	https://bugs.gentoo.org/show_bug.cgi?id=516822	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2014/07/11/5	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/60108	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/60527	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/59897	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2014/dsa-2988	vendor-advisoryx_refsource_DEBIAN
	http://inertiawar.com/submission.go	x_refsource_MISC
	http://www.ubuntu.com/usn/USN-2279-1	vendor-advisoryx_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1118290	x_refsource_CONFIRM
	https://twitter.com/benhawkes/statuses/4843781519…	x_refsource_MISC
	http://lists.opensuse.org/opensuse-updates/2014-0…	vendor-advisoryx_refsource_SUSE
	http://www.osvdb.org/108997	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:27:36.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2014-8331",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://trac.transmissionbt.com/wiki/Changes#version-2.84"
          },
          {
            "name": "[oss-security] 20140710 CVE request: transmission peer communication vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/07/10/4"
          },
          {
            "name": "68487",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/68487"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.gentoo.org/show_bug.cgi?id=516822"
          },
          {
            "name": "[oss-security] 20140711 Re: CVE request: transmission peer communication vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/07/11/5"
          },
          {
            "name": "60108",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60108"
          },
          {
            "name": "60527",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60527"
          },
          {
            "name": "59897",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59897"
          },
          {
            "name": "DSA-2988",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2988"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://inertiawar.com/submission.go"
          },
          {
            "name": "USN-2279-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2279-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118290"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://twitter.com/benhawkes/statuses/484378151959539712"
          },
          {
            "name": "openSUSE-SU-2014:0980",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html"
          },
          {
            "name": "108997",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/108997"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-07-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-11-05T22:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FEDORA-2014-8331",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://trac.transmissionbt.com/wiki/Changes#version-2.84"
        },
        {
          "name": "[oss-security] 20140710 CVE request: transmission peer communication vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/07/10/4"
        },
        {
          "name": "68487",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/68487"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.gentoo.org/show_bug.cgi?id=516822"
        },
        {
          "name": "[oss-security] 20140711 Re: CVE request: transmission peer communication vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/07/11/5"
        },
        {
          "name": "60108",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60108"
        },
        {
          "name": "60527",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60527"
        },
        {
          "name": "59897",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59897"
        },
        {
          "name": "DSA-2988",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2988"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://inertiawar.com/submission.go"
        },
        {
          "name": "USN-2279-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2279-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118290"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://twitter.com/benhawkes/statuses/484378151959539712"
        },
        {
          "name": "openSUSE-SU-2014:0980",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html"
        },
        {
          "name": "108997",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/108997"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-4909",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FEDORA-2014-8331",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html"
            },
            {
              "name": "https://trac.transmissionbt.com/wiki/Changes#version-2.84",
              "refsource": "CONFIRM",
              "url": "https://trac.transmissionbt.com/wiki/Changes#version-2.84"
            },
            {
              "name": "[oss-security] 20140710 CVE request: transmission peer communication vulnerability",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/07/10/4"
            },
            {
              "name": "68487",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/68487"
            },
            {
              "name": "https://bugs.gentoo.org/show_bug.cgi?id=516822",
              "refsource": "CONFIRM",
              "url": "https://bugs.gentoo.org/show_bug.cgi?id=516822"
            },
            {
              "name": "[oss-security] 20140711 Re: CVE request: transmission peer communication vulnerability",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/07/11/5"
            },
            {
              "name": "60108",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60108"
            },
            {
              "name": "60527",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60527"
            },
            {
              "name": "59897",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59897"
            },
            {
              "name": "DSA-2988",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2988"
            },
            {
              "name": "http://inertiawar.com/submission.go",
              "refsource": "MISC",
              "url": "http://inertiawar.com/submission.go"
            },
            {
              "name": "USN-2279-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2279-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1118290",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118290"
            },
            {
              "name": "https://twitter.com/benhawkes/statuses/484378151959539712",
              "refsource": "MISC",
              "url": "https://twitter.com/benhawkes/statuses/484378151959539712"
            },
            {
              "name": "openSUSE-SU-2014:0980",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html"
            },
            {
              "name": "108997",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/108997"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-4909",
    "datePublished": "2014-07-29T14:00:00",
    "dateReserved": "2014-07-11T00:00:00",
    "dateUpdated": "2024-08-06T11:27:36.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2014-4909

CVE-2014-4909 (GCVE-0-2014-4909)

Tags

Sightings

Nomenclature