Search
Find a vulnerability
Search criteria
8 vulnerabilities found for jhead by sentex
CVE-2008-4641 (GCVE-0-2008-4641)
Vulnerability from nvd – Published: 2008-10-21 16:00 – Updated: 2024-08-07 10:24
VLAI
EPSS
VEX
Summary
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/31921 | vdb-entryx_refsource_BID |
| https://bugs.launchpad.net/ubuntu/+source/jhead/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2008/10/15/5 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/11/26/4 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/16/3 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/15/6 | mailing-listx_refsource_MLIST |
Date Public
2008-10-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31921",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31921"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31921",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31921"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31921",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31921"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4641",
"datePublished": "2008-10-21T16:00:00.000Z",
"dateReserved": "2008-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4640 (GCVE-0-2008-4640)
Vulnerability from nvd – Published: 2008-10-21 16:00 – Updated: 2024-08-07 10:24
VLAI
EPSS
VEX
Summary
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/32506 | vdb-entryx_refsource_BID |
| https://bugs.launchpad.net/ubuntu/+source/jhead/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2008/11/26/4 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/16/3 | mailing-listx_refsource_MLIST |
Date Public
2008-10-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32506",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32506"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final \"z\" character is replaced by a \"t\" character or (2) a final \"t\" character is replaced by a \"z\" character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-12-02T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32506",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32506"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final \"z\" character is replaced by a \"t\" character or (2) a final \"t\" character is replaced by a \"z\" character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32506"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4640",
"datePublished": "2008-10-21T16:00:00.000Z",
"dateReserved": "2008-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4639 (GCVE-0-2008-4639)
Vulnerability from nvd – Published: 2008-10-21 16:00 – Updated: 2024-08-07 10:24
VLAI
EPSS
VEX
Summary
jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/+source/jhead/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2008/10/15/5 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2009/02/06/5 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/16/3 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/15/6 | mailing-listx_refsource_MLIST |
Date Public
2008-10-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20090206 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/5"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-21T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20090206 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/5"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20090206 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/5"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4639",
"datePublished": "2008-10-21T16:00:00.000Z",
"dateReserved": "2008-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4575 (GCVE-0-2008-4575)
Vulnerability from nvd – Published: 2008-10-15 19:00 – Updated: 2024-08-07 10:24
VLAI
EPSS
VEX
Summary
Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://www.redhat.com/archives/fedora-package-an… | vendor-advisoryx_refsource_FEDORA |
| http://www.securityfocus.com/bid/31770 | vdb-entryx_refsource_BID |
| http://www.sentex.net/~mwandel/jhead/changes.txt | x_refsource_CONFIRM |
| http://secunia.com/advisories/32363 | third-party-advisoryx_refsource_SECUNIA |
| https://www.redhat.com/archives/fedora-package-an… | vendor-advisoryx_refsource_FEDORA |
| https://bugs.launchpad.net/ubuntu/+source/jhead/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2008/10/15/6 | mailing-listx_refsource_MLIST |
Date Public
2008-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2008-8928",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00511.html"
},
{
"name": "31770",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sentex.net/~mwandel/jhead/changes.txt"
},
{
"name": "32363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32363"
},
{
"name": "FEDORA-2008-8941",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00531.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to \"a bunch of potential string overflows.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-10-23T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2008-8928",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00511.html"
},
{
"name": "31770",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sentex.net/~mwandel/jhead/changes.txt"
},
{
"name": "32363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32363"
},
{
"name": "FEDORA-2008-8941",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00531.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to \"a bunch of potential string overflows.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2008-8928",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00511.html"
},
{
"name": "31770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31770"
},
{
"name": "http://www.sentex.net/~mwandel/jhead/changes.txt",
"refsource": "CONFIRM",
"url": "http://www.sentex.net/~mwandel/jhead/changes.txt"
},
{
"name": "32363",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32363"
},
{
"name": "FEDORA-2008-8941",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00531.html"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4575",
"datePublished": "2008-10-15T19:00:00.000Z",
"dateReserved": "2008-10-15T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4640 (GCVE-0-2008-4640)
Vulnerability from cvelistv5 – Published: 2008-10-21 16:00 – Updated: 2024-08-07 10:24
VLAI
EPSS
VEX
Summary
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/32506 | vdb-entryx_refsource_BID |
| https://bugs.launchpad.net/ubuntu/+source/jhead/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2008/11/26/4 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/16/3 | mailing-listx_refsource_MLIST |
Date Public
2008-10-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32506",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32506"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final \"z\" character is replaced by a \"t\" character or (2) a final \"t\" character is replaced by a \"z\" character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-12-02T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32506",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32506"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final \"z\" character is replaced by a \"t\" character or (2) a final \"t\" character is replaced by a \"z\" character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32506"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4640",
"datePublished": "2008-10-21T16:00:00.000Z",
"dateReserved": "2008-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4641 (GCVE-0-2008-4641)
Vulnerability from cvelistv5 – Published: 2008-10-21 16:00 – Updated: 2024-08-07 10:24
VLAI
EPSS
VEX
Summary
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/31921 | vdb-entryx_refsource_BID |
| https://bugs.launchpad.net/ubuntu/+source/jhead/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2008/10/15/5 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/11/26/4 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/16/3 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/15/6 | mailing-listx_refsource_MLIST |
Date Public
2008-10-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31921",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31921"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31921",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31921"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31921",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31921"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20081127 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4641",
"datePublished": "2008-10-21T16:00:00.000Z",
"dateReserved": "2008-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4639 (GCVE-0-2008-4639)
Vulnerability from cvelistv5 – Published: 2008-10-21 16:00 – Updated: 2024-08-07 10:24
VLAI
EPSS
VEX
Summary
jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/+source/jhead/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2008/10/15/5 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2009/02/06/5 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/16/3 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2008/10/15/6 | mailing-listx_refsource_MLIST |
Date Public
2008-10-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20090206 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/5"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-21T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20090206 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/5"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/5"
},
{
"name": "[oss-security] 20090206 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/5"
},
{
"name": "[oss-security] 20081016 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4639",
"datePublished": "2008-10-21T16:00:00.000Z",
"dateReserved": "2008-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4575 (GCVE-0-2008-4575)
Vulnerability from cvelistv5 – Published: 2008-10-15 19:00 – Updated: 2024-08-07 10:24
VLAI
EPSS
VEX
Summary
Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://www.redhat.com/archives/fedora-package-an… | vendor-advisoryx_refsource_FEDORA |
| http://www.securityfocus.com/bid/31770 | vdb-entryx_refsource_BID |
| http://www.sentex.net/~mwandel/jhead/changes.txt | x_refsource_CONFIRM |
| http://secunia.com/advisories/32363 | third-party-advisoryx_refsource_SECUNIA |
| https://www.redhat.com/archives/fedora-package-an… | vendor-advisoryx_refsource_FEDORA |
| https://bugs.launchpad.net/ubuntu/+source/jhead/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2008/10/15/6 | mailing-listx_refsource_MLIST |
Date Public
2008-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2008-8928",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00511.html"
},
{
"name": "31770",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sentex.net/~mwandel/jhead/changes.txt"
},
{
"name": "32363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32363"
},
{
"name": "FEDORA-2008-8941",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00531.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to \"a bunch of potential string overflows.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-10-23T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2008-8928",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00511.html"
},
{
"name": "31770",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sentex.net/~mwandel/jhead/changes.txt"
},
{
"name": "32363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32363"
},
{
"name": "FEDORA-2008-8941",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00531.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to \"a bunch of potential string overflows.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2008-8928",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00511.html"
},
{
"name": "31770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31770"
},
{
"name": "http://www.sentex.net/~mwandel/jhead/changes.txt",
"refsource": "CONFIRM",
"url": "http://www.sentex.net/~mwandel/jhead/changes.txt"
},
{
"name": "32363",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32363"
},
{
"name": "FEDORA-2008-8941",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00531.html"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
},
{
"name": "[oss-security] 20081015 Re: CVE request: jhead",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/15/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4575",
"datePublished": "2008-10-15T19:00:00.000Z",
"dateReserved": "2008-10-15T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}