Vulnerability Details CVE-2014-4607
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.103
EPSS Ranking 92.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html
- https://web.archive.org/web/20140701023922/http://www.oberhumer.com/opensource/lzo/
- http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html
- https://web.archive.org/web/20140701023922/http://www.oberhumer.com/opensource/lzo/