fkie_cve-2008-2327
Vulnerability from fkie_nvd
Published
2008-08-27 20:41
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.
References
cve@mitre.orghttp://bugs.gentoo.org/show_bug.cgi?id=234080
cve@mitre.orghttp://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
cve@mitre.orghttp://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
cve@mitre.orghttp://secunia.com/advisories/31610Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31623Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31668Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31670Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31698Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31838Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31882Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31982
cve@mitre.orghttp://secunia.com/advisories/32706
cve@mitre.orghttp://secunia.com/advisories/32756Vendor Advisory
cve@mitre.orghttp://security-tracker.debian.net/tracker/CVE-2008-2327
cve@mitre.orghttp://security-tracker.debian.net/tracker/DSA-1632-1
cve@mitre.orghttp://security-tracker.debian.net/tracker/DTSA-160-1
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200809-07.xml
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1
cve@mitre.orghttp://support.apple.com/kb/HT3276
cve@mitre.orghttp://support.apple.com/kb/HT3298
cve@mitre.orghttp://support.apple.com/kb/HT3318
cve@mitre.orghttp://www.debian.org/security/2008/dsa-1632Patch
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2008:184
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0847.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0848.htmlVendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0863.htmlVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/496033/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/497962/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/30832
cve@mitre.orghttp://www.securitytracker.com/id?1020750
cve@mitre.orghttp://www.ubuntu.com/usn/usn-639-1
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA08-260A.htmlUS Government Resource
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0017.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2438Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2584Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2776Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2971Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/3107Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/3232
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/2143Vendor Advisory
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=458674
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html
af854a3a-2127-422b-91ae-364da2661108http://bugs.gentoo.org/show_bug.cgi?id=234080
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31610Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31623Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31668Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31670Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31698Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31838Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31882Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31982
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32706
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security-tracker.debian.net/tracker/CVE-2008-2327
af854a3a-2127-422b-91ae-364da2661108http://security-tracker.debian.net/tracker/DSA-1632-1
af854a3a-2127-422b-91ae-364da2661108http://security-tracker.debian.net/tracker/DTSA-160-1
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200809-07.xml
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3276
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3298
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3318
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1632Patch
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:184
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0847.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0848.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0863.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/496033/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/497962/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30832
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020750
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-639-1
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-260A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0017.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2438Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2584Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2776Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2971Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/3107Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/3232
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2143Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=458674
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html
Impacted products
Vendor Product Version
libtiff libtiff *
libtiff libtiff 3.4
libtiff libtiff 3.5.1
libtiff libtiff 3.5.2
libtiff libtiff 3.5.3
libtiff libtiff 3.5.4
libtiff libtiff 3.5.5
libtiff libtiff 3.5.6
libtiff libtiff 3.5.7
libtiff libtiff 3.6.0
libtiff libtiff 3.6.1
libtiff libtiff 3.7.0
libtiff libtiff 3.7.1
libtiff libtiff 3.8.0
libtiff libtiff 3.8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B8B853-0FF0-4E2F-983D-683A0951CEF3",
              "versionEndIncluding": "3.8.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "261FAE51-5207-4136-9FFE-2330A281266C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B32C83B9-F7DA-450A-A687-9A73734CD712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9485283A-B73E-4567-914A-42A86F5FFCB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "95892168-0FB6-4E3F-9303-2F9B3CF60D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5021564-5E0A-4DDC-BC68-200B6050043E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "11C50750-FE1D-42BA-9125-7D8E872AA2DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "19AA66E5-FDDD-4243-B945-DFEBDD25F258",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2C8C550-3313-4266-B4B3-E9E9047CFE04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABEEBA7B-81D5-4148-912B-9AD448BBE741",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "448555FE-8E91-4EA7-BA05-6915F5508319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44BC5E2C-B6A6-4999-A1EA-B91DA5C350C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2850FD9-8BE8-410E-8A24-28549DAACEB3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en las funciones (1) LZWDecode, (2) LZWDecodeCompat y (3) LZWDecodeVector en el archivo tif_lzw.c en el decodificador LZW en LibTIFF versi\u00f3n 3.8.2 y anteriores, permite a los atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario por medio de un archivo TIFF dise\u00f1ado, relacionado con el manejo inapropiado del c\u00f3digo CODE_CLEAR."
    }
  ],
  "id": "CVE-2008-2327",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-08-27T20:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31610"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31623"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31668"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31670"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31698"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31838"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31882"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31982"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32706"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32756"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3276"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3298"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3318"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1632"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/30832"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020750"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-639-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2438"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2584"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2776"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2971"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/3107"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/3232"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2143"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31610"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31623"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31668"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31982"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3276"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3298"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3318"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30832"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-639-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2584"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/3107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/3232"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.