Lucene search

[email protected]NVD:CVE-2008-0070

HistoryMar 31, 2008 - 5:44 p.m.

CVE-2008-0070

2008-03-3117:44:00

CWE-189

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

High

EPSS

0.021

Percentile

89.4%

JSON

Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA allows remote attackers to execute arbitrary code via an RPC request that specifies a large number of array dimensions, which triggers a heap-based buffer overflow.

Affected configurations

Nvd

Node

orb_networksorbMatch2.0.1014

VendorProductVersionCPE
orb_networksorb2.0.1014cpe:2.3:a:orb_networks:orb:2.0.1014:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
orb_networks	orb	2.0.1014	cpe:2.3:a:orb_networks:orb:2.0.1014:::::::*

References

secunia.com/advisories/28203

secunia.com/secunia_research/2008-5/advisory/

www.securityfocus.com/bid/28431

www.vupen.com/english/advisories/2008/0984/references

exchange.xforce.ibmcloud.com/vulnerabilities/41410

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

High

EPSS

0.021

Percentile

89.4%

JSON

Related for NVD:CVE-2008-0070

seebug1 cvelist1 prion1 cve1