Lucene search
HistoryJul 16, 2008 - 6:41 p.m.
CVE-2008-3196
cve-2008-3196
yacc
stack access
out-of-bounds
nvd
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.4 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.5%
skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack pointer points to the end of the stack.
Affected configurations
Node
yaccyacc
Related
prion
prion
Design/Logic Flaw
2008-07-16 18:41:00
nvd
nvd
CVE-2008-3196
2008-07-16 18:41:00
nessus
nessus
RHEL 4 : byacc (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 3 : byacc (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : byacc (Unpatched Vulnerability)
2024-06-03 00:00:00
debiancve
debiancve
CVE-2008-3196
2008-07-16 18:41:00
cvelist
cvelist
CVE-2008-3196
2008-07-16 18:00:00
ubuntucve
ubuntucve
CVE-2008-3196
2008-07-16 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.4 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.5%
Related for CVE-2008-3196