CVE-2008-3247 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.2 UNKNOWN	LOCAL	LOW		AV:L/AC:L/Au:N/C:C/I:C/A:C
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 27%

Vendor	Product	Version
linux	linux_kernel	2.6.25
linux	linux_kernel	2.6.25.1
linux	linux_kernel	2.6.25.2
linux	linux_kernel	2.6.25.3
linux	linux_kernel	2.6.25.4
linux	linux_kernel	2.6.25.5
linux	linux_kernel	2.6.25.6
linux	linux_kernel	2.6.25.7
linux	linux_kernel	2.6.25.8
linux	linux_kernel	2.6.25.9
linux	linux_kernel	2.6.25.10
linux	linux_kernel	2.6.25.11
linux	linux_kernel	2.6.25.12

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

linux

hardy	not-affected
gutsy	dne
feisty	dne
dapper	dne

linux-source-2.6.15

hardy	dne
gutsy	dne
feisty	dne
dapper	not-affected

linux-source-2.6.20

hardy	dne
gutsy	dne
feisty	not-affected
dapper	dne

linux-source-2.6.22

hardy	dne
gutsy	not-affected
feisty	dne
dapper	dne

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=74454a6a286bfce4bb23d89bd465f856fa6a6e19

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html

http://secunia.com/advisories/31172

http://secunia.com/advisories/31202

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.11

http://www.securityfocus.com/bid/30351

http://www.securitytracker.com/id?1020544

https://exchange.xforce.ibmcloud.com/vulnerabilities/43979

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=74454a6a286bfce4bb23d89bd465f856fa6a6e19

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html

http://secunia.com/advisories/31172

http://secunia.com/advisories/31202

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.11

http://www.securityfocus.com/bid/30351

http://www.securitytracker.com/id?1020544

https://exchange.xforce.ibmcloud.com/vulnerabilities/43979