Oracle Solaris Third-Party Patch Update : lua (cve_2014_5461_buffer_errors)
Medium Nessus Plugin ID 80701
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments. (CVE-2014-5461)
SolutionUpgrade to Solaris 22.214.171.124.1.