cpe:/a:debian:hivex:1.3.10-2 cpe:/o:novell:opensuse:13.1 cpe:/o:novell:opensuse:13.2 cpe:/o:redhat:enterprise_linux_desktop:6.0 cpe:/o:redhat:enterprise_linux_desktop:7.0 cpe:/o:redhat:enterprise_linux_hpc_node:6.0 cpe:/o:redhat:enterprise_linux_server:6.0 cpe:/o:redhat:enterprise_linux_server:7.0 cpe:/o:redhat:enterprise_linux_workstation:6.0 cpe:/o:redhat:enterprise_linux_workstation:7.0 CVE-2014-9273 2014-12-08T11:59:11.947-05:00 2017-06-30T21:29:08.920-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2016-08-30T11:08:41.537-04:00 ALLOWS_OTHER_ACCESS SECUNIA 62792 BID 71279 GENTOO GLSA-201503-07 REDHAT RHSA-2015:0301 REDHAT RHSA-2015:1378 MLIST [Libguestfs] 20141029 [libhivex] Undefined behavior when accessing invalid (too small) registry hives MLIST [oss-security] 20141125 CVE request: missing checks for small-sized files in hivex MLIST [oss-security] 20141204 Re: CVE request: missing checks for small-sized files in hivex CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1167756 CONFIRM https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb CONFIRM https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705 SUSE openSUSE-SU-2015:0189 lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.