CVE-2008-0992
published 2008-03-18CVE-2008-0992: Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
medium5.8CVSS 3.1
AVNACMAuNCNIPAP
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | — | — |
| apple | mac_os_x_server | — | — |
| debian | pax | — | — |
Red Hat
pax: code execution via malicous archive
vendor_redhat·2008-03-18·CVSS 5.8
CVE-2008-0992 [MEDIUM] pax: code execution via malicous archive
pax: code execution via malicous archive
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
Statement: Not vulnerable. This issue did not affect versions of pax as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Debian
CVE-2008-0992: pax - Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attac...
vendor_debian·2008·CVSS 5.8
CVE-2008-0992 [MEDIUM] CVE-2008-0992: pax - Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attac...
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
GHSA-vm5x-cwp8-hcvg: Array index error in pax in Apple Mac OS X 10
ghsa_unreviewed·2022-05-01
CVE-2008-0992 [MEDIUM] CWE-119 GHSA-vm5x-cwp8-hcvg: Array index error in pax in Apple Mac OS X 10
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
No detection rules found.
No public exploits indexed.
http://docs.info.apple.com/article.html?artnum=307562http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlhttp://secunia.com/advisories/29420http://www.securityfocus.com/bid/28304http://www.securityfocus.com/bid/28365http://www.securitytracker.com/id?1019673http://www.us-cert.gov/cas/techalerts/TA08-079A.htmlhttp://www.vupen.com/english/advisories/2008/0924/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/41288http://docs.info.apple.com/article.html?artnum=307562http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlhttp://secunia.com/advisories/29420http://www.securityfocus.com/bid/28304http://www.securityfocus.com/bid/28365http://www.securitytracker.com/id?1019673http://www.us-cert.gov/cas/techalerts/TA08-079A.htmlhttp://www.vupen.com/english/advisories/2008/0924/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/41288
2008-03-18
Published