| Vulnerability Name: | CVE-2008-6005 (CCN-48399) | ||||||||
| Assigned: | 2008-01-23 | ||||||||
| Published: | 2008-01-23 | ||||||||
| Updated: | 2009-02-17 | ||||||||
| Summary: | Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via "duplicated" attribute value inputs. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-119 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: CCN Type: CVE-2008-5282,CVE-2008-6005,CVE-2009-0323: multiple buffer overflows Debian Bug report logs - #507587 Source: CONFIRM Type: Exploit http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507587#15 Source: MITRE Type: CNA CVE-2008-6005 Source: CCN Type: OSVDB ID: 52935 Amaya Web Browser CheckUniqueName Function Duplicated Attribute Value Inputs Overflows Source: CCN Type: OSVDB ID: 55720 Amaya Web Browser Xml2thot.c Multiple Function Overflow Source: CCN Type: OSVDB ID: 55721 Amaya Web Browser html2toth.c Multiple Function Overflow Source: BID Type: UNKNOWN 33736 Source: CCN Type: BID-33736 W3C Amaya 'CheckUniqueName()' Multiple Stack Based Buffer Overflow Vulnerabilities Source: CCN Type: W3C Web site Amaya Home Page Source: XF Type: UNKNOWN amaya-checkuniquename-multiple-bo(48399) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||