Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3196


Vulnerability Score 7.8 7.8
CVE Id CVE-2008-3196
Last Modified 26 Nov 2012 10:48:48
Published 16 Jul 2008 02:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack pointer points to the end of the stack.

Vulnerable Systems


  • Yacc


MLIST - [openbsd-cvs] 20080708 Re: CVS: src

MLIST - [openbsd-cvs] 20080708 CVS: src

VUPEN - ADV-2008-2151

SECUNIA - 31073

Last Updated: 27 May 2016 10:49:51