CVE-2014-4502

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
10
HIGH
Affected
3
PROJECTS

Description

Multiple heap-based buffer overflows in the parse_notify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a (1) large or (2) negative value in the Extranonc2_size parameter in a mining.subscribe response and a crafted mining.notify request.

luke-jr/bfgminer
luke-jr/bfgminer
Modular ASIC/FPGA miner written in C, featuring overclocking, monitoring, fan speed control and remote interface capabilities.
GitHubGitHub
1.95K
ckolivas/cgminer
ckolivas/cgminer
ASIC and FPGA miner in c for bitcoin
GitHubGitHub
3.68K
sgminer-dev/sgminer
sgminer-dev/sgminer
Scrypt GPU miner
GitHubGitHub
635