Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDBCF27002-94C3-11D9-A9E0-0001020EED82
HistoryNov 02, 2003 - 12:00 a.m.

grip -- CDDB response multiple matches buffer overflow vulnerability

2003-11-0200:00:00
vuxml.freebsd.org
18

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.5%

JSON

Joseph VanAndel reports that grip is vulnerability to a
buffer overflow vulnerability when receiving more than 16
CDDB responses. This could lead to a crash in grip and
potentially execution arbitrary code.
A workaround is to disable CDDB lookups.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchgrip< 3.2.0_7UNKNOWN

Related

openvas 38
fedora 5
nessus 20
cvelist 1
cve 2
securityvulns 1
gentoo 2
ubuntucve 1
redhat 2
centos 2
oraclelinux 1
debiancve 1
nvd 2
freebsd 1
openvas
openvas
Gentoo Security Advisory GLSA 200504-07 (GnomeVFS)
2008-09-24 00:00:00
CentOS Security Advisory CESA-2009:0005-01 (gnome-vfs)
2009-02-10 00:00:00
CentOS Security Advisory CESA-2009:0005-01 (gnome-vfs)
2009-02-10 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: libcdaudio-0.99.12p2-11.fc9
2009-02-05 02:22:51
[SECURITY] Fedora 8 Update: grip-3.2.0-24.fc8
2008-11-19 14:52:50
[SECURITY] Fedora 9 Update: grip-3.2.0-24.fc9
2008-11-19 14:45:30
nessus
nessus
RHEL 2.1 / 3 / 4 : gnome-vfs, gnome-vfs2 (RHSA-2009:0005)
2009-01-07 00:00:00
Fedora 10 : libcdaudio-0.99.12p2-11.fc10 (2008-11848)
2009-04-23 00:00:00
Fedora 9 : libcdaudio-0.99.12p2-11.fc9 (2008-11956)
2009-02-05 00:00:00
cvelist
cvelist
CVE-2005-0706
2005-03-09 05:00:00
cve
cve
CVE-2005-0706
2005-05-02 04:00:00
CVE-2005-0840
2005-05-02 04:00:00
securityvulns
securityvulns
[Full-disclosure] [ GLSA 200504-07 ] GnomeVFS, libcdaudio: CDDB response overflow
2005-04-09 00:00:00
gentoo
gentoo
Grip: CDDB response overflow
2005-03-17 00:00:00
GnomeVFS, libcdaudio: CDDB response overflow
2005-04-08 00:00:00
ubuntucve
ubuntucve
CVE-2005-0706
2005-05-02 00:00:00
redhat
redhat
(RHSA-2005:304) grip security update
2005-03-28 00:00:00
(RHSA-2009:0005) Moderate: gnome-vfs, gnome-vfs2 security update
2009-01-07 00:00:00
centos
centos
gnome security update
2009-01-07 22:22:23
gnome security update
2009-02-02 23:27:51
oraclelinux
oraclelinux
gnome-vfs, gnome-vfs2 security update
2009-01-07 00:00:00
debiancve
debiancve
CVE-2005-0706
2005-05-02 04:00:00
nvd
nvd
CVE-2005-0706
2005-05-02 04:00:00
CVE-2005-0840
2005-05-02 04:00:00
freebsd
freebsd
libcdaudio -- remote buffer overflow and code execution
2008-11-05 00:00:00

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.5%

JSON
Related for BCF27002-94C3-11D9-A9E0-0001020EED82
openvas38fedora5nessus20cvelist1cve2securityvulns1gentoo2ubuntucve1redhat2centos2oraclelinux1debiancve1nvd2freebsd1