CVE-2014-8483 Common Vulnerabilities and Exposures

Upstream information

CVE-2014-8483 at MITRE

Description

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.

SUSE information

Overall state of this security issue: Resolved

This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.

CVSS v2 Scores
CVSS detail	National Vulnerability Database	SUSE
Base Score	5	1.2
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P	AV:L/AC:H/Au:N/C:P/I:N/A:N
Access Vector	Network	Local
Access Complexity	Low	High
Authentication	None	None
Confidentiality Impact	None	Partial
Integrity Impact	None	None
Availability Impact	Partial	None

SUSE Bugzilla entry: 902670 [RESOLVED / FIXED]

SUSE Security Advisories:

openSUSE-SU-2014:1382-1 openSUSE-SU-2014:1406-1 openSUSE-SU-2015:0573-1

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Leap 15.0	`konversation >= 1.7.4-lp150.2.1` `konversation-lang >= 1.7.4-lp150.2.1`	Patchnames: openSUSE Leap 15.0 GA konversation-1.7.4-lp150.2.1
openSUSE Leap 15.2	`konversation >= 1.7.5-lp152.3.4` `konversation-lang >= 1.7.5-lp152.3.4`	Patchnames: openSUSE Leap 15.2 GA konversation-1.7.5-lp152.3.14
openSUSE Leap 15.3	`konversation >= 1.7.5-bp153.1.25` `konversation-lang >= 1.7.5-bp153.1.25`	Patchnames: openSUSE Leap 15.3 GA konversation-1.7.5-bp153.1.25
openSUSE Leap 15.4	`konversation >= 21.12.3-bp154.1.33` `konversation-lang >= 21.12.3-bp154.1.33`	Patchnames: openSUSE Leap 15.4 GA konversation-21.12.3-bp154.1.33
openSUSE Tumbleweed	`konversation >= 1.6.2-1.3` `konversation-lang >= 1.6.2-1.3`	Patchnames: openSUSE-Tumbleweed-2024-10238

SUSE Timeline for this CVE

CVE page created: Mon Oct 27 06:38:27 2014
CVE page last modified: Wed Mar 18 13:24:42 2026