Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows."
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:52
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/32363 - | |
References | () http://www.openwall.com/lists/oss-security/2008/10/15/6 - | |
References | () http://www.securityfocus.com/bid/31770 - Patch | |
References | () http://www.sentex.net/~mwandel/jhead/changes.txt - | |
References | () https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020 - Exploit | |
References | () https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00511.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00531.html - |
Information
Published : 2008-10-15 20:07
Updated : 2024-11-21 00:52
NVD link : CVE-2008-4575
Mitre link : CVE-2008-4575
CVE.ORG link : CVE-2008-4575
JSON object : View
Products Affected
sentex
- jhead
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer