{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2014-09-16T00:00:00.000Z","descriptions":[{"lang":"en","value":"Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-11-16T20:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"USN-2352-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-2352-1"},{"name":"openSUSE-SU-2014:1239","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=83622"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"name":"61378","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/61378"},{"name":"[oss-security] 20140916 CVE-2014-3635 to 3639: security issues in D-Bus < 1.8.8","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2014/09/16/9"},{"name":"1030864","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1030864"},{"tags":["x_refsource_CONFIRM"],"url":"http://advisories.mageia.org/MGASA-2014-0395.html"},{"name":"DSA-3026","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2014/dsa-3026"},{"name":"MDVSA-2015:176","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:176"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T10:50:18.235Z"},"title":"CVE Program Container","references":[{"name":"USN-2352-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-2352-1"},{"name":"openSUSE-SU-2014:1239","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=83622"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"name":"61378","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/61378"},{"name":"[oss-security] 20140916 CVE-2014-3635 to 3639: security issues in D-Bus < 1.8.8","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2014/09/16/9"},{"name":"1030864","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1030864"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://advisories.mageia.org/MGASA-2014-0395.html"},{"name":"DSA-3026","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2014/dsa-3026"},{"name":"MDVSA-2015:176","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:176"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2014-3635","datePublished":"2014-09-22T15:00:00.000Z","dateReserved":"2014-05-14T00:00:00.000Z","dateUpdated":"2024-08-06T10:50:18.235Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}