Vulnerability CVE-2014-5256 - CERT Civis.Net

Vulnerability Name:

CVE-2014-5256 (CCN-95057)

Assigned:

2014-07-31

Published:

2014-07-31

Updated:

2015-05-12

Summary:

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON objects whose parsing lets this interrupt mask an overflow of the program stack.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: CONFIRM
Type: UNKNOWN
http://advisories.mageia.org/MGASA-2014-0516.html

Source: CCN
Type: Node.js Blog
V8 Memory Corruption and Stack Overflow (fixed in Node v0.8.28 and v0.10.30)

Source: CONFIRM
Type: Patch, Vendor Advisory
http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/

Source: CCN
Type: Google Web site
V8 JavaScript Engine

Source: MITRE
Type: CNA
CVE-2014-5256

Source: SECUNIA
Type: UNKNOWN
61260

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21684769

Source: CCN
Type: Google Chrome Web site
Google Chrome

Source: CCN
Type: IBM Security Bulletin 1684769
A security vulnerability in Node.js affects the IBM Business Process Manager (BPM) configuration editor (CVE-2014-5256)

Source: CCN
Type: IBM Security Bulletin 1685398
Memory corruption security vulnerability in IBM API Management V3.0

Source: CCN
Type: IBM Security Bulletin 1685467
Multiple vulnerabilities affecting the IBM SDK for Node.js used by the Cordova platform packaged with Rational Application Developer (CVE-2014-3508 CVE-2014-5139 CVE-2014-3509 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3510 CVE

Source: CCN
Type: IBM Security Bulletin 1686792
Multiple vulnerabilities affecting the Cordova platform and IBM SDK Node.js packaged with Rational Software Architect and Rational Software Architect for WebSphere Software

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:142

Source: CCN
Type: BID-69157
V8 JavaScript Engine Denial of Service Vulnerability

Source: XF
Type: UNKNOWN
v8-nodejs-dos(95057)

Source: CCN
Type: Node.js GIT Repository
v8: Interrupts must not mask stack overflow

Source: CONFIRM
Type: Exploit
https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356

Source: CCN
Type: IBM Security Bulletin 1682094
Current Release of IBM SDK for Node.js is affected by CVE-2014-5256

Vulnerable Configuration:

Configuration 1:

cpe:/a:nodejs:nodejs:0.8.0:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.1:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.2:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.3:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.4:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.5:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.6:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.7:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.8:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.9:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.10:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.11:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.12:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.13:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.14:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.15:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.16:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.17:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.18:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.19:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.20:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.21:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.22:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.23:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.24:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.25:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.26:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.8.27:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.0:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.1:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.2:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.3:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.4:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.5:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.6:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.7:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.8:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.9:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.10:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.11:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.12:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.13:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.14:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.15:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.16:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.17:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.18:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.19:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.20:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.21:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.22:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.23:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.24:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.25:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.26:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.27:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.28:*:*:*:*:*:*:*

OR cpe:/a:nodejs:nodejs:0.10.29:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:google:v8:*:*:*:*:*:*:*:*

OR cpe:/a:nodejs:node.js:0.10.18:*:*:*:*:*:*:*

OR cpe:/a:nodejs:node.js:0.8.25:*:*:*:*:*:*:*

AND

cpe:/a:ibm:api_management:3.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_software_architect:9.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_software_architect:9.1.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:com.ubuntu.bionic:def:201452560000000	V	CVE-2014-5256 on Ubuntu 18.04 LTS (bionic) - medium.	2014-09-05
oval:com.ubuntu.artful:def:20145256000	V	CVE-2014-5256 on Ubuntu 17.10 (artful) - medium.	2014-09-05
oval:com.ubuntu.trusty:def:20145256000	V	CVE-2014-5256 on Ubuntu 14.04 LTS (trusty) - medium.	2014-09-05
oval:com.ubuntu.xenial:def:201452560000000	V	CVE-2014-5256 on Ubuntu 16.04 LTS (xenial) - medium.	2014-09-05
oval:com.ubuntu.bionic:def:20145256000	V	CVE-2014-5256 on Ubuntu 18.04 LTS (bionic) - medium.	2014-09-05
oval:com.ubuntu.xenial:def:20145256000	V	CVE-2014-5256 on Ubuntu 16.04 LTS (xenial) - medium.	2014-09-05
oval:com.ubuntu.cosmic:def:20145256000	V	CVE-2014-5256 on Ubuntu 18.10 (cosmic) - medium.	2014-09-05
oval:com.ubuntu.cosmic:def:201452560000000	V	CVE-2014-5256 on Ubuntu 18.10 (cosmic) - medium.	2014-09-05
oval:com.ubuntu.precise:def:20145256000	V	CVE-2014-5256 on Ubuntu 12.04 LTS (precise) - medium.	2014-09-05