Vulnerability Details CVE-2008-3429
Buffer overflow in URI processing in HTTrack and WinHTTrack before 3.42-3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.049
EPSS Ranking 89.2%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/31323/
- http://secunia.com/advisories/31380
- http://secunia.com/advisories/31866
- http://www.debian.org/security/2008/dsa-1626
- http://www.httrack.com/history.txt
- http://www.securityfocus.com/bid/30425
- http://www.venustech.com.cn/NewsInfo/124/2032.Html
- http://www.vupen.com/english/advisories/2008/2221/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44167
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00707.html
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00711.html
- http://secunia.com/advisories/31323/
- http://secunia.com/advisories/31380
- http://secunia.com/advisories/31866
- http://www.debian.org/security/2008/dsa-1626
- http://www.httrack.com/history.txt
- http://www.securityfocus.com/bid/30425
- http://www.venustech.com.cn/NewsInfo/124/2032.Html
- http://www.vupen.com/english/advisories/2008/2221/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44167
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00707.html
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00711.html
Products affected by CVE-2008-3429
-
cpe:2.3:a:httrack:httrack:0.23
-
cpe:2.3:a:httrack:httrack:0.24
-
cpe:2.3:a:httrack:httrack:0.25
-
cpe:2.3:a:httrack:httrack:0.99
-
cpe:2.3:a:httrack:httrack:0.996
-
cpe:2.3:a:httrack:httrack:0.997
-
cpe:2.3:a:httrack:httrack:0.998
-
cpe:2.3:a:httrack:httrack:1.00
-
cpe:2.3:a:httrack:httrack:1.01
-
cpe:2.3:a:httrack:httrack:1.02
-
cpe:2.3:a:httrack:httrack:1.03
-
cpe:2.3:a:httrack:httrack:1.04
-
cpe:2.3:a:httrack:httrack:1.10
-
cpe:2.3:a:httrack:httrack:1.11
-
cpe:2.3:a:httrack:httrack:1.15
-
cpe:2.3:a:httrack:httrack:1.16
-
cpe:2.3:a:httrack:httrack:1.20
-
cpe:2.3:a:httrack:httrack:1.21
-
cpe:2.3:a:httrack:httrack:1.22
-
cpe:2.3:a:httrack:httrack:1.23
-
cpe:2.3:a:httrack:httrack:1.24
-
cpe:2.3:a:httrack:httrack:1.30
-
cpe:2.3:a:httrack:httrack:2.00
-
cpe:2.3:a:httrack:httrack:2.01
-
cpe:2.3:a:httrack:httrack:2.02
-
cpe:2.3:a:httrack:httrack:2.2
-
cpe:2.3:a:httrack:httrack:3.00
-
cpe:2.3:a:httrack:httrack:3.01
-
cpe:2.3:a:httrack:httrack:3.02
-
cpe:2.3:a:httrack:httrack:3.03
-
cpe:2.3:a:httrack:httrack:3.04
-
cpe:2.3:a:httrack:httrack:3.05
-
cpe:2.3:a:httrack:httrack:3.06
-
cpe:2.3:a:httrack:httrack:3.07
-
cpe:2.3:a:httrack:httrack:3.08
-
cpe:2.3:a:httrack:httrack:3.09
-
cpe:2.3:a:httrack:httrack:3.10
-
cpe:2.3:a:httrack:httrack:3.15
-
cpe:2.3:a:httrack:httrack:3.16
-
cpe:2.3:a:httrack:httrack:3.20
-
cpe:2.3:a:httrack:httrack:3.21
-
cpe:2.3:a:httrack:httrack:3.22
-
cpe:2.3:a:httrack:httrack:3.23
-
cpe:2.3:a:httrack:httrack:3.30
-
cpe:2.3:a:httrack:httrack:3.31
-
cpe:2.3:a:httrack:httrack:3.32
-
cpe:2.3:a:httrack:httrack:3.33
-
cpe:2.3:a:httrack:httrack:3.40
-
cpe:2.3:a:httrack:httrack:3.41
-
cpe:2.3:a:httrack:httrack:3.42
-
cpe:2.3:a:httrack:winhttrack:*
-
cpe:2.3:a:httrack:winhttrack:0.23
-
cpe:2.3:a:httrack:winhttrack:0.24
-
cpe:2.3:a:httrack:winhttrack:0.25
-
cpe:2.3:a:httrack:winhttrack:0.99
-
cpe:2.3:a:httrack:winhttrack:0.996
-
cpe:2.3:a:httrack:winhttrack:0.997
-
cpe:2.3:a:httrack:winhttrack:0.998
-
cpe:2.3:a:httrack:winhttrack:1.00
-
cpe:2.3:a:httrack:winhttrack:1.01
-
cpe:2.3:a:httrack:winhttrack:1.02
-
cpe:2.3:a:httrack:winhttrack:1.03
-
cpe:2.3:a:httrack:winhttrack:1.04
-
cpe:2.3:a:httrack:winhttrack:1.10
-
cpe:2.3:a:httrack:winhttrack:1.11
-
cpe:2.3:a:httrack:winhttrack:1.15
-
cpe:2.3:a:httrack:winhttrack:1.16
-
cpe:2.3:a:httrack:winhttrack:1.20
-
cpe:2.3:a:httrack:winhttrack:1.21
-
cpe:2.3:a:httrack:winhttrack:1.22
-
cpe:2.3:a:httrack:winhttrack:1.23
-
cpe:2.3:a:httrack:winhttrack:1.24
-
cpe:2.3:a:httrack:winhttrack:1.30
-
cpe:2.3:a:httrack:winhttrack:2.00
-
cpe:2.3:a:httrack:winhttrack:2.01
-
cpe:2.3:a:httrack:winhttrack:2.02
-
cpe:2.3:a:httrack:winhttrack:2.2
-
cpe:2.3:a:httrack:winhttrack:3.00
-
cpe:2.3:a:httrack:winhttrack:3.01
-
cpe:2.3:a:httrack:winhttrack:3.02
-
cpe:2.3:a:httrack:winhttrack:3.03
-
cpe:2.3:a:httrack:winhttrack:3.04
-
cpe:2.3:a:httrack:winhttrack:3.05
-
cpe:2.3:a:httrack:winhttrack:3.06
-
cpe:2.3:a:httrack:winhttrack:3.07
-
cpe:2.3:a:httrack:winhttrack:3.08
-
cpe:2.3:a:httrack:winhttrack:3.09
-
cpe:2.3:a:httrack:winhttrack:3.10
-
cpe:2.3:a:httrack:winhttrack:3.15
-
cpe:2.3:a:httrack:winhttrack:3.16
-
cpe:2.3:a:httrack:winhttrack:3.20
-
cpe:2.3:a:httrack:winhttrack:3.21
-
cpe:2.3:a:httrack:winhttrack:3.22
-
cpe:2.3:a:httrack:winhttrack:3.23
-
cpe:2.3:a:httrack:winhttrack:3.30
-
cpe:2.3:a:httrack:winhttrack:3.31
-
cpe:2.3:a:httrack:winhttrack:3.32
-
cpe:2.3:a:httrack:winhttrack:3.33
-
cpe:2.3:a:httrack:winhttrack:3.40
-
cpe:2.3:a:httrack:winhttrack:3.41
-
cpe:2.3:a:httrack:winhttrack:3.42