Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2719

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-2719
Last Modified 07 Mar 2011 10:09:39
Published 16 Jun 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2719

Summary

Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.

Vulnerable Systems

Application

  • Nasm 2.02

  • Nasm Netwide Assembler 2.02


References

CONFIRM - https://sourceforge.net/tracker/?func=detail&atid=106208&aid=1942146&group_id=6208

CONFIRM - https://sourceforge.net/project/shownotes.php?group_id=6208&release_id=606115

XF - nasm-ppscan-bo(42995)

VUPEN - ADV-2008-1811

UBUNTU - USN-648-1

SECTRACK - 1020259

BID - 29656

MLIST - [oss-security] 20080611 Re: CVE id request: nasm off-by-one

MLIST - [oss-security] 20080611 CVE id request: nasm off-by-one

MANDRIVA - MDVSA-2008:120

SECUNIA - 32059

SECUNIA - 30594

CONFIRM - http://repo.or.cz/w/nasm.git?a=commit;h=76ec8e73db16f4cf1453a142d03bcc74d528f72f


Last Updated: 27 May 2016 10:47:57