vulnerability
Ubuntu: (CVE-2014-6262): rrdtool vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Feb 12, 2020 | Jun 26, 2025 | Jun 26, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Feb 12, 2020
Added
Jun 26, 2025
Modified
Jun 26, 2025
Description
Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted third argument to the rrdtool.graph function, aka ZEN-15415, a related issue to CVE-2013-2131.
Solution
no-fix-ubuntu-package
References
- CVE-2014-6262
- https://attackerkb.com/topics/CVE-2014-6262
- URL-https://github.com/oetiker/rrdtool-1.x/commit/64ed5314af1255ab6dded45f70b39cdeab5ae2ec
- URL-https://github.com/oetiker/rrdtool-1.x/commit/85261a013112e278c90224033f5b0592ee387786
- URL-https://github.com/oetiker/rrdtool-1.x/pull/532
- URL-https://www.cve.org/CVERecord?id=CVE-2014-6262
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.