Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3196

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-3196
Last Modified 26 Nov 2012 10:48:48
Published 16 Jul 2008 02:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3196

Summary

skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack pointer points to the end of the stack.

Vulnerable Systems

Application

  • Yacc


References

MLIST - [openbsd-cvs] 20080708 Re: CVS: cvs.openbsd.org: src

MLIST - [openbsd-cvs] 20080708 CVS: cvs.openbsd.org: src

VUPEN - ADV-2008-2151

SECUNIA - 31073


Last Updated: 27 May 2016 10:49:51