Lucene search

[email protected]CVE-2008-5722

HistoryDec 26, 2008 - 5:30 p.m.

CVE-2008-5722

2008-12-2617:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-5722

buffer overflow

sawstudio 3.9i

denial of service

remote attackers

arbitrary code

.prf file

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.075 Low

EPSS

Percentile

94.1%

JSON

Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file.

Affected configurations

NVD

Node

sawstudiosawstudioMatch3.9i

CPENameOperatorVersion
sawstudio:sawstudiosawstudioeq3.9i

CPE	Name	Operator	Version
sawstudio:sawstudio	sawstudio	eq	3.9i

References

osvdb.org/51025

securityreason.com/securityalert/4808

www.securityfocus.com/bid/33011

www.exploit-db.com/exploits/7578

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.075 Low

EPSS

Percentile

94.1%

JSON

Related for CVE-2008-5722

nvd1 prion1 cvelist1