CVE-2014-2892

EPSS 5.1%

libmms - security update

Published: 4/22/2014Modified: 4/28/2026

Description

Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response.

Affected packages (2)

Debian/libmmsfrom 0, < 0.6.2-4
Debian/libmmsfrom 0, < 0.6-1+squeeze2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-2892