High severity8.8NVD Advisory· Published Apr 19, 2016· Updated May 6, 2026
CVE-2014-9765
CVE-2014-9765
Description
Buffer overflow in the main_get_appheader function in xdelta3-main.h in xdelta3 before 3.0.9 allows remote attackers to execute arbitrary code via a crafted input file.
Affected products
7cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- lists.opensuse.org/opensuse-updates/2016-02/msg00125.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-02/msg00131.htmlnvd
- www.debian.org/security/2016/dsa-3484nvd
- www.openwall.com/lists/oss-security/2016/02/08/1nvd
- www.openwall.com/lists/oss-security/2016/02/08/2nvd
- www.securityfocus.com/bid/83109nvd
- www.ubuntu.com/usn/USN-2901-1nvd
- github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2nvd
- security.gentoo.org/glsa/201701-40nvd
News mentions
0No linked articles in our index yet.