Stack-based Buffer Overflow in DirectFB 1.4.13 Dispatch_Write Function

Stack-based Buffer Overflow in DirectFB 1.4.13 Dispatch_Write Function

CVE-2014-2977 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.

Learn more about our Attack Surface Assessment.