Lucene search

[email protected]CVE-2008-2388

HistoryJun 06, 2008 - 10:32 p.m.

CVE-2008-2388

2008-06-0622:32:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2008-2388

opensuse-updater

off-by-one errors

opensuse 10.2

security problem

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.7%

JSON

Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these “can be considered no security problem.”

Affected configurations

NVD

Node

opensuseopensuseMatch10.2

CPENameOperatorVersion
opensuse:opensuseopensuseeq10.2

CPE	Name	Operator	Version
opensuse:opensuse	opensuse	eq	10.2

References

lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html

secunia.com/advisories/30581

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.7%

JSON

Related for CVE-2008-2388

nvd1 cvelist1 prion1