Lucene search

[email protected]CVE-2008-2304

HistoryJul 14, 2008 - 6:41 p.m.

CVE-2008-2304

2008-07-1418:41:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-2304

buffer overflow

apple

core image

fun house

xcode

denial of service

nvd

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.6%

JSON

Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element that contains many characters.

CPENameOperatorVersion
apple:core_image_fun_houseapple core image fun housele2.0

CPE	Name	Operator	Version
apple:core_image_fun_house	apple core image fun house	le	2.0

References

lists.apple.com/archives/security-announce//2008/Jul/msg00002.html

secunia.com/advisories/31060

securityreason.com/securityalert/3988

support.apple.com/kb/HT2352

www.securityfocus.com/archive/1/494230/100/0/threaded

www.securityfocus.com/bid/30189

www.securitytracker.com/id?1020472

www.vupen.com/english/advisories/2008/2093/references

exchange.xforce.ibmcloud.com/vulnerabilities/43733

www.exploit-db.com/exploits/6043

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.6%

JSON

Related for CVE-2008-2304

cvelist1 prion1 seebug1