CyberSec.Space Logo
CVEブラウザに戻る

CVE-2008-0550

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0540%
EPSS Percentile9.40th
Published2008年2月1日
Last Modified2026年4月23日

Vulnerability Description

Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header.

Affected Platforms (CPE)

📦
Radio Toolbox

Steamcast

<= 0.9.75

References & Advisories

🔗 http://aluigi.altervista.org/adv/steamcazz-adv.txt
🔗 http://aluigi.org/poc/steamcazz.zip
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/39928
🔗 http://aluigi.altervista.org/adv/steamcazz-adv.txt
🔗 http://aluigi.org/poc/steamcazz.zip
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/39928

関連する脆弱性情報

CVE-2008-05485.0

Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Conten...

CVE-2008-05495.0

Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 and earlier allows remote authenticated users to cause a denia...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...