Ubuntu Security Notice (C) 2014 Canonical, Inc. / NASL script (C) 2014 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Florian Weimer discovered that json-c incorrectly handled buffer
lengths. An attacker could use this issue with a specially crafted
large JSON document to cause json-c to crash, resulting in a denial of
Florian Weimer discovered that json-c incorrectly handled hash arrays.
An attacker could use this issue with a specially crafted JSON
document to cause json-c to consume CPU resources, resulting in a
denial of service. (CVE-2013-6371).
Update the affected libjson0 package.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false