CVE-2008-6393

Published Mar 3, 2009

Last updated 7 years ago

CVSS info 10.0

Overview

Description: PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer overflow.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-189

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:psi-im:psi:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E299EC7B-3898-4C83-AFAD-5159AA6F7190",
            "versionEndIncluding": "0.12"
          },
          {
            "criteria": "cpe:2.3:a:psi-im:psi:0.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38EE9C09-EBE8-4FEE-BB3F-90F5C780CAF4"
          },
          {
            "criteria": "cpe:2.3:a:psi-im:psi:0.8.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12BEC7A5-6322-4EAC-9300-122103385353"
          },
          {
            "criteria": "cpe:2.3:a:psi-im:psi:0.8.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DCECDB6-FE12-4525-B0C6-E21BB8C726D9"
          },
          {
            "criteria": "cpe:2.3:a:psi-im:psi:0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD2D5C56-C318-4034-B190-BD286BEC4344"
          },
          {
            "criteria": "cpe:2.3:a:psi-im:psi:0.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "797DB5B4-2650-4D12-94CF-37C2DBFB4036"
          },
          {
            "criteria": "cpe:2.3:a:psi-im:psi:0.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1880019A-5430-48B0-AF4F-50324D7FD80B"
          },
          {
            "criteria": "cpe:2.3:a:psi-im:psi:0.9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EEC8538-FE8A-47B5-BABF-DE32AF12D018"
          },
          {
            "criteria": "cpe:2.3:a:psi-im:psi:0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3A98A96-1288-4956-BBBC-F1EDEAE843C9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:jabber:jabber_client:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "19E14DB6-F5BF-4C7A-A2C5-6E57C97D8D25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References