CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-7249

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1100%
EPSS Percentile39.77th
Published2009年12月30日
Last Modified2026年4月23日

Vulnerability Description

Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167.

Affected Platforms (CPE)

📦
Pedro Lineu Orso

Sarg

= 2.2.4

References & Advisories

🔗 http://sourceforge.net/project/shownotes.php?release_id=581212
🔗 http://www.securityfocus.com/archive/1/489018/100/0/threaded
🔗 http://www.vupen.com/english/advisories/2008/0749
🔗 http://sourceforge.net/project/shownotes.php?release_id=581212
🔗 http://www.securityfocus.com/archive/1/489018/100/0/threaded
🔗 http://www.vupen.com/english/advisories/2008/0749

相关漏洞威胁

CVE-2008-116710.0

Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remo...

CVE-2008-192210.0

Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a craf...

CVE-2019-189327.0

log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temp...

CVE-2008-11684.3

Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to inject arbit...

CVE-2008-7249 Detail & Impact Analysis | CVSS 9.3 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space