NVD

Id
3833  
Name
CVE-2008-3971  
Description
Heap-based buffer overflow in the open_man_file function in callbacks.c in gmanedit 0.4.1 allows remote attackers to execute arbitrary code via a crafted man page, which is not properly handled during utf8 conversion. NOTE: another overflow was reported using a configuration file, but that vector does not have a scenario that crosses privilege boundaries.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2008-09-10  
Modified Date
2009-08-19  
Seq
2008-3971  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
24287 3833 CVE-2008-3971 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497835  View
24288 3833 CVE-2008-3971 [oss-security] 20080906 CVE id requests: gmanedit  View
24289 3833 CVE-2008-3971 [oss-security] 20080909 Re: CVE id requests: gmanedit  View
24290 3833 CVE-2008-3971 [oss-security] 20080909 Re: CVE id requests: gmanedit  View
24291 3833 CVE-2008-3971 31040  View
24292 3833 CVE-2008-3971 gmanedit-readconffromfile-bo(44962)  View
24293 3833 CVE-2008-3971 gmanedit-glocaletoutf8-bo(44963)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
48107 JVNDB-2008-003417 gmanedit の open_man_file 関数におけるヒープベースのバッファオーバーフローの脆弱性 gmanedit の callbacks.c の open_man_file 関数には、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2008-3971 34084 CVE-2008-3971 3833 9.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003417.html 2008-09-10 2012-06-26 View