Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-9417

CWE-20 — Improper Input Validation4 documents4 sources
Severity
2.1LOW
EPSS
0.1%
top 72.26%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Huawei Espace Desktop
Timeline
PublishedDec 24
Latest updateMay 14

Description

The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted image.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

â–¶NVDhuawei/espace_desktopv100r001c03

🔴Vulnerability Details

2
GHSA
GHSA-p22g-7hp6-wj84: The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted image↗2022-05-14
â–¶
CVEList
CVE-2014-9417: The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted image↗2014-12-24
â–¶

💥Exploits & PoCs

1
Exploit-DB
Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow↗2019-05-20
â–¶
CVE-2014-9417 (LOW CVSS 2.1) | The Meeting component in Huawei eSp | cvebase.io