Lucene search

[email protected]CVE-2008-3733

HistoryAug 20, 2008 - 4:41 p.m.

CVE-2008-3733

2008-08-2016:41:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-3733

buffer overflow

eo video

denial of service

arbitrary code execution

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.114 Low

EPSS

Percentile

95.2%

JSON

Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element.

Affected configurations

NVD

Node

eo-videoeo-videoMatch1.36

CPENameOperatorVersion
eo-video:eo-videoeo-videoeq1.36

CPE	Name	Operator	Version
eo-video:eo-video	eo-video	eq	1.36

References

secunia.com/advisories/31511

securityreason.com/securityalert/4171

www.securityfocus.com/bid/30717

exchange.xforce.ibmcloud.com/vulnerabilities/44508

www.exploit-db.com/exploits/6253

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.114 Low

EPSS

Percentile

95.2%

JSON

Related for CVE-2008-3733

cvelist1 nvd1 prion1