Lucene search

[email protected]CVE-2008-5381

HistoryDec 09, 2008 - 12:30 a.m.

CVE-2008-5381

2008-12-0900:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-5381

ffdshow

buffer overflow

url processing

remote code execution

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.191 Low

EPSS

Percentile

96.3%

JSON

Buffer overflow in the URL processing in ffdshow (aka ffdshow-tryout) before SVN revision 2347 allows remote attackers to execute arbitrary code via a long URL.

Affected configurations

NVD

Node

ffdshow-tryoutffdshow

CPENameOperatorVersion
ffdshow-tryout:ffdshowffdshow-tryout ffdshoweq*

CPE	Name	Operator	Version
ffdshow-tryout:ffdshow	ffdshow-tryout ffdshow	eq	*

References

secunia.com/advisories/32846

secunia.com/advisories/32881

security.bkis.vn/?p=277

securityreason.com/securityalert/4697

www.securityfocus.com/archive/1/498585/100/0/threaded

www.securityfocus.com/bid/32438

www.vupen.com/english/advisories/2008/3249

exchange.xforce.ibmcloud.com/vulnerabilities/46810

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.191 Low

EPSS

Percentile

96.3%

JSON

Related for CVE-2008-5381

saint4 checkpoint_advisories1 prion1 nvd1 nessus1 cvelist1