2.9
CVE-2014-3970
- EPSS 1.46%
- Veröffentlicht 11.06.2014 14:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pulseaudio ≫ Pulseaudio Version1.0
Pulseaudio ≫ Pulseaudio Version1.1
Pulseaudio ≫ Pulseaudio Version1.99.1
Pulseaudio ≫ Pulseaudio Version1.99.2
Pulseaudio ≫ Pulseaudio Version2.0
Pulseaudio ≫ Pulseaudio Version2.1
Pulseaudio ≫ Pulseaudio Version3.0
Pulseaudio ≫ Pulseaudio Version4.0
Pulseaudio ≫ Pulseaudio Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.46% | 0.701 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.9 | 5.5 | 2.9 |
AV:A/AC:M/Au:N/C:N/I:N/A:P
|
http://advisories.mageia.org/MGASA-2014-0440.html
http://lists.freedesktop.org/archives/pulseaudio-discuss/2014-May/020740.html
http://seclists.org/oss-sec/2014/q2/429
http://seclists.org/oss-sec/2014/q2/437
http://secunia.com/advisories/60624
http://www.mandriva.com/security/advisories?name=MDVSA-2015:134
http://www.securityfocus.com/bid/67814