Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2008-1488

Published: 24/03/2008 Updated: 08/08/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Alternative Php Cache

Vulnerability Summary

Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 up to and including 3.0.16 allows remote malicious users to execute arbitrary code via a long filename.

Vulnerable Product Search on Vulmon Subscribe to Product

pecl-php alternative php cache 3.0.12p2

pecl-php alternative php cache 3.0.13

pecl-php alternative php cache 3.0.11

pecl-php alternative php cache 3.0.16

pecl-php alternative php cache 3.0.14

pecl-php alternative php cache 3.0.15

pecl-php alternative php cache 3.0.12

pecl-php alternative php cache 3.0.12p1

Exploits

Exploit DB: PECL 3.0.x - Alternative PHP Cache Extension 'apc_search_paths()' Remote Buffer Overflow
source: wwwsecurityfocuscom/bid/28457/info PECL Alternative PHP Cache (APC) extension is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input Attackers may leverage this issue to execute arbitrary code in the context of the application Failed attacks will cause denial-of-s ...

References

CWE-119http://papasian.org/~dannyp/apcsmash.php.txthttp://pecl.php.net/bugs/bug.php?id=13415http://secunia.com/advisories/29509http://www.securityfocus.com/bid/28457http://www.mandriva.com/security/advisories?name=MDVSA-2008:082http://secunia.com/advisories/29745http://security.gentoo.org/glsa/glsa-200804-07.xmlhttp://secunia.com/advisories/31082https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00548.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00582.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41420https://nvd.nist.govhttps://www.exploit-db.com/exploits/31540/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644unprivilegedCVE-2024-3494CVE-2024-22460CVE-2024-26026CVE-2024-23473firewallCVE-2024-28889XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook