Lucene search

[email protected]CVE-2008-3496

HistoryAug 06, 2008 - 6:41 p.m.

CVE-2008-3496

2008-08-0618:41:00

CWE-120

[email protected]

web.nvd.nist.gov

cve-2008-3496

buffer overflow

uvc_parse_format

linux kernel

nvd

video4linux

v4l

uvcvideo

format descriptor parsing

drivers media video

6.5 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.6%

JSON

Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt2.6.26.1

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	2.6.26.1

References

lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html

lkml.org/lkml/2008/7/30/655

secunia.com/advisories/31982

www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.1

www.mandriva.com/security/advisories?name=MDVSA-2008:223

www.securityfocus.com/bid/30514

exchange.xforce.ibmcloud.com/vulnerabilities/44184

Social References

6.5 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.6%

JSON

Related for CVE-2008-3496

nessus4 prion1 ubuntucve1 openvas2 oraclelinux1