Oval Definition:oval:org.opensuse.security:def:20081391
Revision Date:2022-05-20Version:1
Title:CVE-2008-1391
Description:

Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-1391
Mitre CVE-2008-1391
SUSE CVE-2008-1391
openSUSE-SU-2010:0913-1
openSUSE-SU-2010:0914-1
SUSE-SA:2010:052
Platform(s):Open Enterprise Server
openSUSE 11.1
openSUSE 11.2
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE Linux Enterprise 11 Moblin 2.0
SUSE Linux Enterprise 11 Moblin 2.1
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP 10 SP3
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp3 is installed
  • AND
  • glibc-32bit less than 2.4-31.77.76.1
  • OR glibc-64bit less than 2.4-31.77.76.1
  • OR glibc-devel-32bit less than 2.4-31.77.76.1
  • OR glibc-devel-64bit less than 2.4-31.77.76.1
  • OR glibc-devel less than 2.4-31.77.76.1
  • OR glibc-html less than 2.4-31.77.76.1
  • OR glibc-i18ndata less than 2.4-31.77.76.1
  • OR glibc-info less than 2.4-31.77.76.1
  • OR glibc-locale-32bit less than 2.4-31.77.76.1
  • OR glibc-locale-64bit less than 2.4-31.77.76.1
  • OR glibc-locale-x86 less than 2.4-31.77.76.1
  • OR glibc-locale less than 2.4-31.77.76.1
  • OR glibc-profile-32bit less than 2.4-31.77.76.1
  • OR glibc-profile-64bit less than 2.4-31.77.76.1
  • OR glibc-profile-x86 less than 2.4-31.77.76.1
  • OR glibc-profile less than 2.4-31.77.76.1
  • OR glibc-x86 less than 2.4-31.77.76.1
  • OR glibc less than 2.4-31.77.76.1
  • OR nscd less than 2.4-31.77.76.1
  • OR Package Information
  • sles10-sp3-sap is installed
  • AND
  • glibc-32bit less than 2.4-31.77.76.1
  • OR glibc-devel-32bit less than 2.4-31.77.76.1
  • OR glibc-devel less than 2.4-31.77.76.1
  • OR glibc-html less than 2.4-31.77.76.1
  • OR glibc-i18ndata less than 2.4-31.77.76.1
  • OR glibc-info less than 2.4-31.77.76.1
  • OR glibc-locale-32bit less than 2.4-31.77.76.1
  • OR glibc-locale less than 2.4-31.77.76.1
  • OR glibc-profile-32bit less than 2.4-31.77.76.1
  • OR glibc-profile less than 2.4-31.77.76.1
  • OR glibc less than 2.4-31.77.76.1
  • OR nscd less than 2.4-31.77.76.1
  • OR Package Information
  • sles10-sp3-sdk is installed
  • AND
  • glibc-dceext-32bit less than 2.4-31.77.76.1
  • OR glibc-dceext-64bit less than 2.4-31.77.76.1
  • OR glibc-dceext-x86 less than 2.4-31.77.76.1
  • OR glibc-dceext less than 2.4-31.77.76.1
  • OR glibc-html less than 2.4-31.77.76.1
  • OR glibc-profile-32bit less than 2.4-31.77.76.1
  • OR glibc-profile-64bit less than 2.4-31.77.76.1
  • OR glibc-profile-x86 less than 2.4-31.77.76.1
  • OR glibc-profile less than 2.4-31.77.76.1
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND glibc is affected
    • BACK