CVE-2008-3252

2008-07-2117:41:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.299

Percentile

97.0%

JSON

Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period.

Affected configurations

Nvd

Node

redhatfedoraMatch8

redhatfedoraMatch9

AND

fedoranewsxMatch1.68.fc8

fedoranewsxMatch1.69.fc9

VendorProductVersionCPE
redhatfedora8cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*
redhatfedora9cpe:2.3:o:redhat:fedora:9:*:*:*:*:*:*:*
fedoranewsx1.6cpe:2.3:a:fedora:newsx:1.6:8.fc8:*:*:*:*:*:*
fedoranewsx1.6cpe:2.3:a:fedora:newsx:1.6:9.fc9:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	fedora	8	cpe:2.3:o:redhat:fedora:8:::::::*
redhat	fedora	9	cpe:2.3:o:redhat:fedora:9:::::::*
fedora	newsx	1.6	cpe:2.3:a:fedora:newsx:1.6:8.fc8::::::
fedora	newsx	1.6	cpe:2.3:a:fedora:newsx:1.6:9.fc9::::::