CVE-2008-0888
ADVISORY - nistSummary
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
EPSS Score: 0.1904 (0.951)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improper Restriction of Operations within the Bounds of a Memory Buffer
NIST
CREATED
UPDATED
ADVISORY IDCVE-2008-0888
EXPLOITABILITY SCORE
8.6
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
9.3highAlpine
CREATED
UPDATED
ADVISORY IDCVE-2008-0888
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Debian
CREATED
UPDATED
ADVISORY IDCVE-2008-0888
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2008-0888
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2008-0888
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-