Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1488

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-1488
Last Modified 26 Nov 2012 10:44:31
Published 24 Mar 2008 07:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1488

Summary

Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows remote attackers to execute arbitrary code via a long filename.

Vulnerable Systems

Application

  • Pecl-php Alternative Php Cache 3.0.11

  • Pecl-php Alternative Php Cache 3.0.12

  • Pecl-php Alternative Php Cache 3.0.12p1

  • Pecl-php Alternative Php Cache 3.0.12p2

  • Pecl-php Alternative Php Cache 3.0.13

  • Pecl-php Alternative Php Cache 3.0.14

  • Pecl-php Alternative Php Cache 3.0.15

  • Pecl-php Alternative Php Cache 3.0.16


References

XF - apc-apcsearchpaths-bo(41420)

BID - 28457

MANDRIVA - MDVSA-2008:082

GENTOO - GLSA-200804-07

SECUNIA - 29745

SECUNIA - 29509

CONFIRM - http://pecl.php.net/bugs/bug.php?id=13415

MISC - http://papasian.org/~dannyp/apcsmash.php.txt

FEDORA - FEDORA-2008-6401

FEDORA - FEDORA-2008-6344

SECUNIA - 31082


Last Updated: 27 May 2016 11:01:24