CVE-2008-3522

CWE-119Buffer OverflowCWE-122Heap-based Buffer Overflow10 documents8 sources
Severity
10.0CRITICAL
EPSS
4.3%
top 11.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Jasper Project JasperRedhat Enterprise Virtualization
Timeline
PublishedOct 2
Latest updateMay 2

Description

Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

Debianghostscript< 8.64~dfsg-2+3

🔴Vulnerability Details

3
GHSA
GHSA-gx7j-m7w9-jmf5: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream2022-05-02
CVEList
CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream2008-10-02
OSV
CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream2008-10-02

📋Vendor Advisories

4
Ubuntu
Ghostscript vulnerabilities2012-01-04
Ubuntu
JasPer vulnerabilities2009-03-19
Red Hat
jasper: possible buffer overflow in jas_stream_printf()2008-09-08
Debian
CVE-2008-3522: ghostscript - Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c...2008

💬Community

2
Bugzilla
CVE-2008-3520 CVE-2008-3522 Multiple jasper vulnerabilities2009-10-22
Bugzilla
CVE-2008-3522 jasper: possible buffer overflow in jas_stream_printf()2008-09-08
CVE-2008-3522 (CRITICAL CVSS 10) | Buffer overflow in the jas_stream_p | cvebase.io