← Back

CVE-2014-2977

nvd nist
Published: Jun 11, 2014Modified: May 6, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.

Affected (7)

Opensuse
1 product
Opensuse
Suse
4 products
Linux Enterprise Desktop
Linux Enterprise Software Development Kit
Linux Enterprise Workstation Extension
Suse Linux Enterprise Server
Directfb
1 product
Directfb
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Opensuse
Version 13.1
Opensuse
Version 13.2
Linux Enterprise Desktop
Version 12
Linux Enterprise Software Development Kit
Version 12
Linux Enterprise Workstation Extension
Version 12
Suse Linux Enterprise Server
Version 12
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Directfb
Version 1.4.13

Related CWEs

CWE-189
CWE-189

References (16)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.