9.3

CVE-2008-0964

Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.

Data is provided by the National Vulnerability Database (NVD)
SunOpensolaris Editionsparc
SunOpensolaris Editionx86
SunOpensolaris Version <= build_snv_95
SunOpensolaris Versionbuild_snv_01
SunOpensolaris Versionbuild_snv_02
SunOpensolaris Versionbuild_snv_13
SunOpensolaris Versionbuild_snv_19
SunOpensolaris Versionbuild_snv_22
SunOpensolaris Versionbuild_snv_64
SunOpensolaris Versionbuild_snv_88
SunOpensolaris Versionbuild_snv_89
SunOpensolaris Versionbuild_snv_91
SunOpensolaris Versionbuild_snv_92
SunSolaris Version8 Editionsparc
SunSolaris Version8 Editionx86
SunSolaris Version9 Editionsparc
SunSolaris Version9 Editionx86
SunSolaris Version10 Editionsparc
SunSolaris Version10 Editionx86
SunSunos Version5.8
SunSunos Version5.9
SunSunos Version5.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 28.55% 0.964
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.