Your submission was sent successfully! Close

CVE-2014-8184

Published: 31 December 2014

A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
liblouis
Launchpad, Ubuntu, Debian
Upstream
Released (2.5.4)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(2.6.4-2ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [2.5.3-2ubuntu1.2])
Patches:
Other: https://github.com/liblouis/liblouis/commit/dc97ef791a4fae9da11592c79f9f79e010596e0c#diff-7ade83431f79d2120c82012aee3b05c9L4524