CVE-2014-9488
published 2015-04-14CVE-2014-9488: The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an…
critical10CVSS 3.1
AVNACLAuNCCICAC
The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | less | < less 481-1 (bookworm) | less 481-1 (bookworm) |
| gnu | less | <= 471 | — |
| gnu | less | >= 0 < 481-1 | 481-1 |
| gnu | less | >= 0 < 481-1 | 481-1 |
| gnu | less | >= 0 < 481-1 | 481-1 |
| gnu | less | >= 0 < 481-1 | 481-1 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL