CVE
- Id
- 34033
- CVE No.
- CVE-2008-3916
- Status
- Candidate
- Description
- Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component.
- Phase
- Assigned (20080904)
- Votes
- None (candidate not yet proposed)
- Comments
Related CVE References
| Id | CVE Id | CVE No. | Reference | Actions |
|---|---|---|---|---|
| 371784 | 34033 | CVE-2008-3916 | BUGTRAQ:20090227 VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed | View |
| 371785 | 34033 | CVE-2008-3916 | URL:http://www.securityfocus.com/archive/1/archive/1/501298/100/0/threaded | View |
| 371786 | 34033 | CVE-2008-3916 | MLIST:[bug-ed] 20080821 Version 1.0 of GNU ed released | View |
| 371787 | 34033 | CVE-2008-3916 | URL:http://lists.gnu.org/archive/html/bug-ed/2008-08/msg00000.html | View |
| 371788 | 34033 | CVE-2008-3916 | MLIST:[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates | View |
| 371789 | 34033 | CVE-2008-3916 | URL:http://lists.vmware.com/pipermail/security-announce/2010/000082.html | View |
| 371790 | 34033 | CVE-2008-3916 | CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2008-461.htm | View |
| 371791 | 34033 | CVE-2008-3916 | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2009-0003.html | View |
| 371792 | 34033 | CVE-2008-3916 | FEDORA:FEDORA-2008-9236 | View |
| 371793 | 34033 | CVE-2008-3916 | URL:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00847.html | View |
| 371794 | 34033 | CVE-2008-3916 | FEDORA:FEDORA-2008-9263 | View |
| 371795 | 34033 | CVE-2008-3916 | URL:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00873.html | View |
| 371796 | 34033 | CVE-2008-3916 | GENTOO:GLSA-200809-15 | View |
| 371797 | 34033 | CVE-2008-3916 | URL:http://security.gentoo.org/glsa/glsa-200809-15.xml | View |
| 371798 | 34033 | CVE-2008-3916 | MANDRIVA:MDVSA-2008:200 | View |
| 371799 | 34033 | CVE-2008-3916 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:200 | View |
| 371800 | 34033 | CVE-2008-3916 | REDHAT:RHSA-2008:0946 | View |
| 371801 | 34033 | CVE-2008-3916 | URL:http://www.redhat.com/support/errata/RHSA-2008-0946.html | View |
| 371802 | 34033 | CVE-2008-3916 | SUSE:SUSE-SR:2011:002 | View |
| 371803 | 34033 | CVE-2008-3916 | URL:http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html | View |
| 371804 | 34033 | CVE-2008-3916 | BID:30815 | View |
| 371805 | 34033 | CVE-2008-3916 | URL:http://www.securityfocus.com/bid/30815 | View |
| 371806 | 34033 | CVE-2008-3916 | OVAL:oval:org.mitre.oval:def:10678 | View |
| 371807 | 34033 | CVE-2008-3916 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10678 | View |
| 371808 | 34033 | CVE-2008-3916 | SECUNIA:38794 | View |
| 371809 | 34033 | CVE-2008-3916 | URL:http://secunia.com/advisories/38794 | View |
| 371810 | 34033 | CVE-2008-3916 | SECUNIA:43068 | View |
| 371811 | 34033 | CVE-2008-3916 | URL:http://secunia.com/advisories/43068 | View |
| 371812 | 34033 | CVE-2008-3916 | VUPEN:ADV-2008-2642 | View |
| 371813 | 34033 | CVE-2008-3916 | URL:http://www.vupen.com/english/advisories/2008/2642 | View |
| 371814 | 34033 | CVE-2008-3916 | SECTRACK:1020734 | View |
| 371815 | 34033 | CVE-2008-3916 | URL:http://www.securitytracker.com/id?1020734 | View |
| 371816 | 34033 | CVE-2008-3916 | SECUNIA:32460 | View |
| 371817 | 34033 | CVE-2008-3916 | URL:http://secunia.com/advisories/32460 | View |
| 371818 | 34033 | CVE-2008-3916 | SECUNIA:33005 | View |
| 371819 | 34033 | CVE-2008-3916 | URL:http://secunia.com/advisories/33005 | View |
| 371820 | 34033 | CVE-2008-3916 | SECUNIA:32349 | View |
| 371821 | 34033 | CVE-2008-3916 | URL:http://secunia.com/advisories/32349 | View |
| 371822 | 34033 | CVE-2008-3916 | VUPEN:ADV-2008-3347 | View |
| 371823 | 34033 | CVE-2008-3916 | URL:http://www.vupen.com/english/advisories/2008/3347 | View |
| 371824 | 34033 | CVE-2008-3916 | VUPEN:ADV-2010-0528 | View |
| 371825 | 34033 | CVE-2008-3916 | URL:http://www.vupen.com/english/advisories/2010/0528 | View |
| 371826 | 34033 | CVE-2008-3916 | VUPEN:ADV-2011-0212 | View |
| 371827 | 34033 | CVE-2008-3916 | URL:http://www.vupen.com/english/advisories/2011/0212 | View |
| 371828 | 34033 | CVE-2008-3916 | XF:gnued-stripescapes-bo(44643) | View |
Related JVN
| Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 48094 | JVNDB-2008-003404 | BitlBee における既存のアカウントを "再作成" される脆弱性 | BitlBee には、既存のアカウントを "再作成" および "ハイジャックされる" 脆弱性が存在します。 | CVE-2008-3920 | 34033 | 7.5 | http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003404.html | View |
