CVE-2008-4575 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Jhead

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

0.8%

top 26.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Jhead Project Jhead Debian Jhead Sentex Jhead

Timeline

PublishedOct 15

Latest updateMay 2

Description

Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows."

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/jhead< jhead 2.84-1 (bookworm)

▶Debianjhead_project/jhead< 2.84-1+3

▶NVDsentex/jhead2.82+19

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-49v5-vhqj-7pjx: Buffer overflow in the DoCommand function in jhead before 2↗2022-05-02

▶

OSV

CVE-2008-4575: Buffer overflow in the DoCommand function in jhead before 2↗2008-10-15

▶

📋Vendor Advisories

Red Hat

jhead buffer overflow↗2008-10-15

▶

Debian

CVE-2008-4575: jhead - Buffer overflow in the DoCommand function in jhead before 2.84 might allow conte...↗2008

▶

💬Community

Bugzilla

CVE-2008-4575 jhead buffer overflow [F9]↗2008-10-16

▶

Bugzilla

CVE-2008-4575 jhead buffer overflow [F8]↗2008-10-16

▶

Bugzilla

CVE-2008-4575 jhead buffer overflow↗2008-10-16

▶