Vulnerability Details CVE-2008-1922
Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.1%
CVSS Severity
CVSS v2 Score 10.0
References
- http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
- http://secunia.com/advisories/30156
- http://secunia.com/advisories/30202
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:073
- http://www.securityfocus.com/bid/29141
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42321
- http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
- http://secunia.com/advisories/30156
- http://secunia.com/advisories/30202
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:073
- http://www.securityfocus.com/bid/29141
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42321
Products affected by CVE-2008-1922
-
cpe:2.3:a:sarg:squid_analysis_report_generator:*