Lucene search

[email protected]NVD:CVE-2008-0226

HistoryJan 10, 2008 - 11:46 p.m.

CVE-2008-0226

2008-01-1023:46:00

CWE-119

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.974 High

EPSS

Percentile

99.9%

JSON

Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) “input_buffer& operator>>” in yassl_imp.cpp.

Affected configurations

NVD

Node

yasslyasslRange≤1.7.5

Node

mysqlmysqlMatch5.0.0

mysqlmysqlMatch5.0.1

mysqlmysqlMatch5.0.2

mysqlmysqlMatch5.0.3

mysqlmysqlMatch5.0.4

mysqlmysqlMatch5.0.5

mysqlmysqlMatch5.0.10

mysqlmysqlMatch5.0.15

mysqlmysqlMatch5.0.16

mysqlmysqlMatch5.0.17

mysqlmysqlMatch5.0.20

mysqlmysqlMatch5.0.24

mysqlmysqlMatch5.0.30

mysqlmysqlMatch5.0.36

mysqlmysqlMatch5.0.44

mysqlmysqlMatch5.0.54

mysqlmysqlMatch5.0.56

mysqlmysqlMatch5.0.60

mysqlmysqlMatch5.0.66

mysqlmysqlMatch5.1.5

oraclemysqlMatch5.0.23

oraclemysqlMatch5.0.25

oraclemysqlMatch5.0.26

oraclemysqlMatch5.0.28

oraclemysqlMatch5.0.30sp1

oraclemysqlMatch5.0.32

oraclemysqlMatch5.0.34

oraclemysqlMatch5.0.36sp1

oraclemysqlMatch5.0.38

oraclemysqlMatch5.0.40

oraclemysqlMatch5.0.41

oraclemysqlMatch5.0.42

oraclemysqlMatch5.0.44sp1

oraclemysqlMatch5.0.45

oraclemysqlMatch5.0.46

oraclemysqlMatch5.0.48

oraclemysqlMatch5.0.50

oraclemysqlMatch5.0.50sp1

oraclemysqlMatch5.0.51

oraclemysqlMatch5.0.52

oraclemysqlMatch5.0.56sp1

oraclemysqlMatch5.0.58

oraclemysqlMatch5.0.60sp1

oraclemysqlMatch5.0.62

oraclemysqlMatch5.0.64

oraclemysqlMatch5.0.66sp1

oraclemysqlMatch5.1

oraclemysqlMatch5.1.1

oraclemysqlMatch5.1.2

oraclemysqlMatch5.1.3

oraclemysqlMatch5.1.4

oraclemysqlMatch5.1.6

oraclemysqlMatch5.1.7

oraclemysqlMatch5.1.8

oraclemysqlMatch5.1.9

oraclemysqlMatch5.1.10

oraclemysqlMatch5.1.11

oraclemysqlMatch5.1.12

oraclemysqlMatch5.1.13

oraclemysqlMatch5.1.14

oraclemysqlMatch5.1.15

oraclemysqlMatch5.1.16

oraclemysqlMatch5.1.17

oraclemysqlMatch5.1.18

oraclemysqlMatch5.1.19

oraclemysqlMatch5.1.20

oraclemysqlMatch5.1.21

oraclemysqlMatch5.1.22

Node

applemac_os_xMatch10.5.4

Node

debiandebian_linuxMatch5.0

Node

canonicalubuntu_linuxMatch6.06lts

canonicalubuntu_linuxMatch6.10

canonicalubuntu_linuxMatch7.04

canonicalubuntu_linuxMatch7.10

References

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.974 High

EPSS

Percentile

99.9%

JSON

Related for NVD:CVE-2008-0226

saint4 ubuntucve1 packetstorm2 checkpoint_advisories1 prion1 redhatcve1 cve1 cvelist1 openvas10 debian1 nessus7 altlinux1 osv1 ubuntu2