Lucene search

[email protected]CVE-2008-3252

HistoryJul 21, 2008 - 5:41 p.m.

CVE-2008-3252

2008-07-2117:41:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-3252

buffer overflow

getarticle.c

newsx 1.6

remote code execution

nvd

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.299 Low

EPSS

Percentile

96.9%

JSON

Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period.

CPENameOperatorVersion
fedora:newsxfedora newsxeq1.6

CPE	Name	Operator	Version
fedora:newsx	fedora newsx	eq	1.6

References

secunia.com/advisories/31080

secunia.com/advisories/31307

www.debian.org/security/2008/dsa-1622

www.securityfocus.com/bid/30231

bugzilla.redhat.com/show_bug.cgi?id=454483

exchange.xforce.ibmcloud.com/vulnerabilities/43844

www.redhat.com/archives/fedora-package-announce/2008-July/msg00485.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00565.html

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.299 Low

EPSS

Percentile

96.9%

JSON

Related for CVE-2008-3252

nessus3 openvas6 debian1 securityvulns2 prion1 osv1 ubuntucve1