CVE-2008-1994

EUVD-2008-1992
Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and (c) child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via (1) a long HOME environment variable or (2) a large number of terminal columns.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
ahmed_abdel-hamid_mohamedacon
1.0.5-5
ahmed_abdel-hamid_mohamedacon
1.0.5-6
ahmed_abdel-hamid_mohamedacon
1.0.5-7
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
acon
dapper
dne
feisty
ignored
gutsy
ignored
hardy
ignored
intrepid
dne
jaunty
dne
karmic
dne
lucid
dne
maverick
dne
natty
dne
oneiric
dne
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475733
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476603
http://secunia.com/advisories/29909
http://www.securityfocus.com/bid/28862
https://exchange.xforce.ibmcloud.com/vulnerabilities/41915
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475733
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476603
http://secunia.com/advisories/29909
http://www.securityfocus.com/bid/28862
https://exchange.xforce.ibmcloud.com/vulnerabilities/41915