ubuntu · CVE-2008-7159

Quick triage

Priority: medium Published: 2009-09-10 21:30:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2008-7159 medium priority: Ubuntu including 3 source packages (silc-client, silc-server, silc-toolkit), 18 status rows across 6 suites (dapper, hardy, intrepid, jaunty, karmic, upstream): not-affected 9, ignored 4, DNE 2, needs-triage 2, released 1.

Description:

The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string.

cvelogic Threat Intelligence