Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
References
Configurations
History
No history.
Information
Published : 2016-07-22 02:59
Updated : 2024-02-04 18:53
NVD link : CVE-2014-9862
Mitre link : CVE-2014-9862
CVE.ORG link : CVE-2014-9862
JSON object : View
Products Affected
apple
- mac_os_x
CWE
CWE-190
Integer Overflow or Wraparound