Vulnerability Details CVE-2014-5044
Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.04
EPSS Ranking 87.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://www.openwall.com/lists/oss-security/2014/07/24/1
- http://www.openwall.com/lists/oss-security/2014/07/31/6
- https://bugzilla.redhat.com/show_bug.cgi?id=1122812
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94849
- https://gcc.gnu.org/viewcvs/gcc/trunk/libgfortran/ChangeLog?limit_changes=0&view=markup&pathrev=211721
- http://www.openwall.com/lists/oss-security/2014/07/24/1
- http://www.openwall.com/lists/oss-security/2014/07/31/6
- https://bugzilla.redhat.com/show_bug.cgi?id=1122812
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94849
- https://gcc.gnu.org/viewcvs/gcc/trunk/libgfortran/ChangeLog?limit_changes=0&view=markup&pathrev=211721
Products affected by CVE-2014-5044
-
cpe:2.3:a:gnu:libgfortran:*