Search for vulnerabilities
Vulnerability details: VCID-tv5p-yzmm-aaab
Vulnerability ID VCID-tv5p-yzmm-aaab
Aliases CVE-2014-3707
Summary The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-125 Out-of-bounds Read
CWE-416 Use After Free
CWE-126 Buffer Over-read
System Score Found at
generic_textual Medium http://curl.haxx.se/docs/adv_20141105.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3707.html
rhas Moderate https://access.redhat.com/errata/RHSA-2015:1254
rhas Moderate https://access.redhat.com/errata/RHSA-2015:2159
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00279 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00279 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00279 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00279 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00311 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00401 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00672 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00753 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00753 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00986 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.00986 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
epss 0.01301 https://api.first.org/data/v1/epss?cve=CVE-2014-3707
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1154941
cvssv3.1 Medium https://curl.se/docs/CVE-2014-3707.html
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2014-3707
generic_textual Medium https://ubuntu.com/security/notices/USN-2399-1
cvssv3.1 7.5 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
cvssv3.1 7.5 http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Reference id Reference type URL
http://curl.haxx.se/docs/adv_20141105.html
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3707.html
http://rhn.redhat.com/errata/RHSA-2015-1254.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3707.json
https://api.first.org/data/v1/epss?cve=CVE-2014-3707
https://curl.se/docs/CVE-2014-3707.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707
https://support.apple.com/kb/HT205031
https://ubuntu.com/security/notices/USN-2399-1
http://www.debian.org/security/2014/dsa-3069
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/70988
http://www.ubuntu.com/usn/USN-2399-1
1154941 https://bugzilla.redhat.com/show_bug.cgi?id=1154941
cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hyperion:11.1.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion:11.1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hyperion:11.1.2.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion:11.1.2.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
CVE-2014-3707 https://nvd.nist.gov/vuln/detail/CVE-2014-3707
RHSA-2015:1254 https://access.redhat.com/errata/RHSA-2015:1254
RHSA-2015:2159 https://access.redhat.com/errata/RHSA-2015:2159
USN-2399-1 https://usn.ubuntu.com/2399-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2014-3707
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.50808
EPSS Score 0.00277
Published At May 4, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.