CVE-2008-1488
Published 2008-03-24
CVE-2008-1488: Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows remote attackers to execute arbitrary code via a long filename.
Priority: P347 | medium | 6.8 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 7.81% (93.9th percentile)
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pecl-php | alternative_php_cache | — | — |
| pecl-php | alternative_php_cache | — | — |
| pecl-php | alternative_php_cache | — | — |
| pecl-php | alternative_php_cache | — | — |
| pecl-php | alternative_php_cache | — | — |
| pecl-php | alternative_php_cache | — | — |
| pecl-php | alternative_php_cache | — | — |
| pecl-php | alternative_php_cache | — | — |
CVSS provenance
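| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| vendor_redhat | — | 6.8 | MEDIUM | — |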
Red Hat
php-pecl-apc strcpy out of bounds
vendor_redhat·CVSS 6.8
CVE-2008-1488 [MEDIUM] php-pecl-apc strcpy out of bounds
Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows remote attackers to execute arbitrary code via a long filename.
GHSA
GHSA-j65p-mxc9-p293: Stack-based buffer overflow in apc
ghsa_unreviewed·2022-05-01
CVE-2008-1488 [MEDIUM] CWE-119 GHSA-j65p-mxc9-p293: Stack-based buffer overflow in apc
Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows remote attackers to execute arbitrary code via a long filename.
No detection rules found.
No writeups or analysis indexed.
http://papasian.org/~dannyp/apcsmash.php.txt
http://pecl.php.net/bugs/bug.php?id=13415
http://secunia.com/advisories/29509
http://secunia.com/advisories/29745
http://secunia.com/advisories/31082
http://security.gentoo.org/glsa/glsa-200804-07.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:082
http://www.securityfocus.com/bid/28457
https://exchange.xforce.ibmcloud.com/vulnerabilities/41420
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00548.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00582.html