CVE-2008-2954

2008-07-0122:41:00

CWE-20

mitre

web.nvd.nist.gov

cve-2008-2954

linux dc++

linuxdcpp

denial of service

out-of-bounds read

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.2

Confidence

Low

EPSS

0.037

Percentile

91.8%

JSON

client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via an empty private message, which triggers an out-of-bounds read.

Affected configurations

Nvd

Node

linuxdirect_connectMatch0.686

linuxdirect_connectMatch0.699

linuxdirect_connectMatch0.700

linuxdirect_connectMatch0.701

linuxdirect_connectMatch0.702

linuxdirect_connectMatch0.703

linuxdirect_connectMatch0.704

linuxdirect_connectMatch0.705

linuxdirect_connectMatch0.706

VendorProductVersionCPE
linuxdirect_connect0.686cpe:2.3:a:linux:direct_connect:0.686:*:*:*:*:*:*:*
linuxdirect_connect0.699cpe:2.3:a:linux:direct_connect:0.699:*:*:*:*:*:*:*
linuxdirect_connect0.700cpe:2.3:a:linux:direct_connect:0.700:*:*:*:*:*:*:*
linuxdirect_connect0.701cpe:2.3:a:linux:direct_connect:0.701:*:*:*:*:*:*:*
linuxdirect_connect0.702cpe:2.3:a:linux:direct_connect:0.702:*:*:*:*:*:*:*
linuxdirect_connect0.703cpe:2.3:a:linux:direct_connect:0.703:*:*:*:*:*:*:*
linuxdirect_connect0.704cpe:2.3:a:linux:direct_connect:0.704:*:*:*:*:*:*:*
linuxdirect_connect0.705cpe:2.3:a:linux:direct_connect:0.705:*:*:*:*:*:*:*
linuxdirect_connect0.706cpe:2.3:a:linux:direct_connect:0.706:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	direct_connect	0.686	cpe:2.3:a:linux:direct_connect:0.686:::::::*
linux	direct_connect	0.699	cpe:2.3:a:linux:direct_connect:0.699:::::::*
linux	direct_connect	0.700	cpe:2.3:a:linux:direct_connect:0.700:::::::*
linux	direct_connect	0.701	cpe:2.3:a:linux:direct_connect:0.701:::::::*
linux	direct_connect	0.702	cpe:2.3:a:linux:direct_connect:0.702:::::::*
linux	direct_connect	0.703	cpe:2.3:a:linux:direct_connect:0.703:::::::*
linux	direct_connect	0.704	cpe:2.3:a:linux:direct_connect:0.704:::::::*
linux	direct_connect	0.705	cpe:2.3:a:linux:direct_connect:0.705:::::::*
linux	direct_connect	0.706	cpe:2.3:a:linux:direct_connect:0.706:::::::*