CVE-2008-5514
Mandriva Linux Security Advisory 2009-166
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.
Error de superación de límite en la función rfc822_output_char en las rutinas RFC822BUFFER de las bibliotecas c-client library, de la Universidad de Washinton (UW), como las utilizadas en por el Juego de herramientas UW IMAP anteriores a imap-2007e y otras aplicaciones, permiten a atacantes, despendiendo del contexto, provocar una denegación de servicio (caída) a través de un correo electrónico, que desencadene un desbordamiento de buffer.
Multiple vulnerabilities were found in PHP, the worst of which leading to the remote execution of arbitrary code. Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below and the associated PHP release notes for details. Versions less than 5.2.12 are affected.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-12-12 CVE Reserved
- 2008-12-23 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/33275 | Third Party Advisory | |
| http://secunia.com/advisories/33638 | Third Party Advisory | |
| http://securitytracker.com/id?1021485 | Vdb Entry | |
| http://www.securityfocus.com/bid/32958 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/3490 | Vdb Entry | |
| http://www.washington.edu/imap/documentation/RELNOTES.html | X_refsource_confirm | |
| https://bugzilla.redhat.com/show_bug.cgi?id=477227 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/47526 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | <= 2007d Search vendor "University Of Washington" for product "Imap" and version " <= 2007d" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2000 Search vendor "University Of Washington" for product "Imap" and version "2000" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2000a Search vendor "University Of Washington" for product "Imap" and version "2000a" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2000b Search vendor "University Of Washington" for product "Imap" and version "2000b" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2000c Search vendor "University Of Washington" for product "Imap" and version "2000c" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2001 Search vendor "University Of Washington" for product "Imap" and version "2001" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2001a Search vendor "University Of Washington" for product "Imap" and version "2001a" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2002 Search vendor "University Of Washington" for product "Imap" and version "2002" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2002a Search vendor "University Of Washington" for product "Imap" and version "2002a" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2002b Search vendor "University Of Washington" for product "Imap" and version "2002b" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2002c Search vendor "University Of Washington" for product "Imap" and version "2002c" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2002d Search vendor "University Of Washington" for product "Imap" and version "2002d" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2002e Search vendor "University Of Washington" for product "Imap" and version "2002e" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2002f Search vendor "University Of Washington" for product "Imap" and version "2002f" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2004 Search vendor "University Of Washington" for product "Imap" and version "2004" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2004a Search vendor "University Of Washington" for product "Imap" and version "2004a" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2004b Search vendor "University Of Washington" for product "Imap" and version "2004b" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2004c Search vendor "University Of Washington" for product "Imap" and version "2004c" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2004d Search vendor "University Of Washington" for product "Imap" and version "2004d" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2004e Search vendor "University Of Washington" for product "Imap" and version "2004e" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2004f Search vendor "University Of Washington" for product "Imap" and version "2004f" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2004g Search vendor "University Of Washington" for product "Imap" and version "2004g" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006 Search vendor "University Of Washington" for product "Imap" and version "2006" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006a Search vendor "University Of Washington" for product "Imap" and version "2006a" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006b Search vendor "University Of Washington" for product "Imap" and version "2006b" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006c Search vendor "University Of Washington" for product "Imap" and version "2006c" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006d Search vendor "University Of Washington" for product "Imap" and version "2006d" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006e Search vendor "University Of Washington" for product "Imap" and version "2006e" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006f Search vendor "University Of Washington" for product "Imap" and version "2006f" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006g Search vendor "University Of Washington" for product "Imap" and version "2006g" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006h Search vendor "University Of Washington" for product "Imap" and version "2006h" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006i Search vendor "University Of Washington" for product "Imap" and version "2006i" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006j Search vendor "University Of Washington" for product "Imap" and version "2006j" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2006k Search vendor "University Of Washington" for product "Imap" and version "2006k" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2007 Search vendor "University Of Washington" for product "Imap" and version "2007" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2007a Search vendor "University Of Washington" for product "Imap" and version "2007a" | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap Search vendor "University Of Washington" for product "Imap" | 2007b Search vendor "University Of Washington" for product "Imap" and version "2007b" | - |
Affected
| ||||||