cbcvebase.
CVE-2008-2719
published 2008-06-16

CVE-2008-2719: Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash)…

PriorityP336medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
10.47%
95.2th percentile
Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.

Affected

7 ranges
VendorProductVersion rangeFixed in
debiannasm< nasm 2.03.01-1 (bookworm)nasm 2.03.01-1 (bookworm)
nasmnasm>= 0 < 2.03.01-12.03.01-1
nasmnasm>= 0 < 2.03.01-12.03.01-1
nasmnasm>= 0 < 2.03.01-12.03.01-1
nasmnasm>= 0 < 2.03.01-12.03.01-1
nasmnetwide_assembler<= 2.03.01
nasmnetwide_assembler

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8LOW
vendor_redhat6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.