CVE-2008-0122
published 2008-01-16CVE-2008-0122: Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows…
critical10CVSS 3.1
AVNACLAuNCCICAC
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | bind9 | < glibc 2.2-1 (bookworm) | glibc 2.2-1 (bookworm) |
| debian | glibc | < glibc 2.2-1 (bookworm) | glibc 2.2-1 (bookworm) |
| gnu | glibc | >= 0 < 2.2-1 | 2.2-1 |
| gnu | glibc | >= 0 < 2.2-1 | 2.2-1 |
| gnu | glibc | >= 0 < 2.2-1 | 2.2-1 |
| gnu | glibc | >= 0 < 2.2-1 | 2.2-1 |
| isc | bind | <= 9.4.2 | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL