CVSS: 10.0EPSS: 29%CPEs: 4EXPL: 0CVE-2008-3252
https://notcve.org/view.php?id=CVE-2008-3252
Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period. Desbordamiento de búfer basado en pila en la función read_article en getarticle.c en newsx 1.6, permite a atacantes remotos ejecutar código de su elección a través de un artículo de noticias que contiene un gran número de líneas que empiezan con un período. • http://secunia.com/advisories/31080 http://secunia.com/advisories/31307 http://www.debian.org/security/2008/dsa-1622 http://www.securityfocus.com/bid/30231 https://bugzilla.redhat.com/show_bug.cgi?id=454483 https://exchange.xforce.ibmcloud.com/vulnerabilities/43844 https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00485.html https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00565.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •