CVE-2014-6273

CWE-119Buffer Overflow9 documents7 sources
Severity
6.8MEDIUM
EPSS
0.7%
top 28.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Debian Advanced Package Tool
Timeline
PublishedSep 30
Latest updateMay 13

Description

Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted URL.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

Debianapt< 1.0.3+3
Ubuntuapt< 1.0.1ubuntu2.4.1

Patches

Patch: www.ubuntu.comPatch: www.ubuntu.com

🔴Vulnerability Details

4
GHSA
GHSA-qxxp-8f4q-wv5v: Buffer overflow in the HTTP transport code in apt-get in APT 12022-05-13
CVEList
CVE-2014-6273: Buffer overflow in the HTTP transport code in apt-get in APT 12014-09-30
OSV
CVE-2014-6273: Buffer overflow in the HTTP transport code in apt-get in APT 12014-09-30
OSV
apt vulnerability2014-09-23

📋Vendor Advisories

2
Ubuntu
APT vulnerability2014-09-23
Debian
CVE-2014-6273: apt - Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier a...2014

💬Community

2
Bugzilla
CVE-2014-6273 apt: possible stack-based buffer overflow when handling HTTP URLs2014-09-24
Bugzilla
CVE-2014-6273 apt: possible stack-based buffer overflow when handling HTTP URLs [fedora-all]2014-09-24
CVE-2014-6273 (MEDIUM CVSS 6.8) | Buffer overflow in the HTTP transpo | cvebase.io