CVE-2008-5101 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 84%

Affected Products (NVD)

Vendor	Product	Version
optipng	optipng	0.6
optipng	optipng	0.6.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

optipng

bookworm	0.7.7-2 fixed
bullseye	0.7.7-1 fixed
etch	not-affected
sid	0.7.8+ds-1 fixed
trixie	0.7.8+ds-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

optipng

dapper	dne
gutsy	ignored
hardy	ignored
intrepid	ignored
jaunty	not-affected
karmic	not-affected
lucid	not-affected
maverick	not-affected
natty	not-affected
oneiric	not-affected

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505399

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html

http://openwall.com/lists/oss-security/2008/11/12/1

http://optipng.sourceforge.net/

http://prdownloads.sourceforge.net/optipng/optipng-0.6.1.1.diff?download

http://secunia.com/advisories/32651

http://secunia.com/advisories/34259

http://security.gentoo.org/glsa/glsa-200812-01.xml

http://sourceforge.net/project/shownotes.php?release_id=639631&group_id=151404

http://www.securityfocus.com/bid/32248

http://www.vupen.com/english/advisories/2008/3108

https://exchange.xforce.ibmcloud.com/vulnerabilities/46519

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505399

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html

http://openwall.com/lists/oss-security/2008/11/12/1

http://optipng.sourceforge.net/

http://prdownloads.sourceforge.net/optipng/optipng-0.6.1.1.diff?download

http://secunia.com/advisories/32651

http://secunia.com/advisories/34259

http://security.gentoo.org/glsa/glsa-200812-01.xml

http://sourceforge.net/project/shownotes.php?release_id=639631&group_id=151404

http://www.securityfocus.com/bid/32248

http://www.vupen.com/english/advisories/2008/3108

https://exchange.xforce.ibmcloud.com/vulnerabilities/46519