CVE-2008-1922Improper Restriction of Operations within the Bounds of a Memory Buffer in Lineu Orso Sarg

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents7 sources
Severity
10.0CRITICALNVD
EPSS
1.5%
top 19.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Pedro Lineu Orso Sarg
Timeline
PublishedMay 13
Latest updateMay 1

Description

Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

Debianpedro_lineu_orso/sarg< 2.2.4-1+2

🔴Vulnerability Details

3
GHSA
GHSA-m2m9-74wm-9cc3: Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file2022-05-01
CVEList
CVE-2008-1922: Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file2008-05-13
OSV
CVE-2008-1922: Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file2008-05-13

📋Vendor Advisories

2
Red Hat
kvm: qemu-nbd block format auto-detection vulnerability2013-04-15
Debian
CVE-2008-1922: sarg - Multiple stack-based buffer overflows in Sarg might allow attackers to execute a...2008

💬Community

1
Bugzilla
CVE-2013-1922 qemu, qemu-kvm, kvm: qemu-nbd block format auto-detection vulnerability2013-03-19
CVE-2008-1922 — Pedro Lineu Orso Sarg vulnerability | cvebase