CVE-2008-2654

🗓️ 13 Jun 2008 18:41:00Reported by [email protected]Type

Off-by-one error in read_client function in Motion 3.2.10 allows remote code execution via long request to Motion HTTP Control interface

Reporter	Title	Published	Views	Family All 11
CVE	CVE-2008-2654	13 Jun 200818:00	–	cve
Cvelist	CVE-2008-2654	13 Jun 200818:00	–	cvelist
Debian CVE	CVE-2008-2654	13 Jun 200818:00	–	debiancve
EUVD	EUVD-2008-2649	7 Oct 202500:30	–	euvd
Tenable Nessus	GLSA-200807-02 : Motion: Execution of arbitrary code	8 Jul 200800:00	–	nessus
Gentoo Linux	Motion: Execution of arbitrary code	1 Jul 200800:00	–	gentoo
OpenVAS	Gentoo Security Advisory GLSA 200807-02 (motion)	24 Sep 200800:00	–	openvas
OpenVAS	Gentoo Security Advisory GLSA 200807-02 (motion)	24 Sep 200800:00	–	openvas
OSV	DEBIAN-CVE-2008-2654	13 Jun 200818:41	–	osv
Prion	Stack overflow	13 Jun 200818:41	–	prion

NVD

Node

lavrsen motionRange≤3.2.10

Source	Link
securityfocus	www.securityfocus.com/bid/29636
lavrsen	www.lavrsen.dk/twiki/pub/Motion/ReleaseNoteMotion3x2x9/webhttpd-security-video2-backport.diff
bugs	www.bugs.debian.org/cgi-bin/bugreport.cgi
secunia	www.secunia.com/advisories/30864
marc	www.marc.info/
marc	www.marc.info/
lavrsen	www.lavrsen.dk/twiki/pub/Motion/ReleaseNoteMotion3x2x10/webhttpd-security.diff
vupen	www.vupen.com/english/advisories/2008/1796
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/42979
secunia	www.secunia.com/advisories/30544

23 Apr 2026 00:35Current

7.9High risk

Vulners AI Score7.9

CVSS 210

EPSS0.0746