Vulnerability Details CVE-2014-7204
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://advisories.mageia.org/MGASA-2014-0415.html
- http://sourceforge.net/p/ctags/code/791/
- http://www.debian.org/security/2014/dsa-3042
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:178
- http://www.openwall.com/lists/oss-security/2014/09/29/40
- http://www.ubuntu.com/usn/USN-2371-1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742605
- http://advisories.mageia.org/MGASA-2014-0415.html
- http://sourceforge.net/p/ctags/code/791/
- http://www.debian.org/security/2014/dsa-3042
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:178
- http://www.openwall.com/lists/oss-security/2014/09/29/40
- http://www.ubuntu.com/usn/USN-2371-1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742605
Products affected by CVE-2014-7204
-
cpe:2.3:a:debian:exuberant_ctags:5.8
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:debian:debian_linux:7.0
-
cpe:2.3:o:mageia:mageia:3.0
-
cpe:2.3:o:mageia:mageia:4.0