{"id":"CVE-2013-7290","details":"The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179.","modified":"2026-04-16T01:42:36.192627423Z","published":"2014-01-13T21:55:05Z","withdrawn":"2026-01-27T04:13:14.423068Z","related":["SUSE-SU-2018:0778-1","SUSE-SU-2018:0807-1","openSUSE-SU-2024:10021-1"],"references":[{"type":"FIX","url":"https://code.google.com/p/memcached/issues/detail?id=306"},{"type":"FIX","url":"https://code.google.com/p/memcached/wiki/ReleaseNotes1417"},{"type":"WEB","url":"http://www.securityfocus.com/bid/64988"}],"schema_version":"1.7.3"}