View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2008-7159 medium priority: Ubuntu including 3 source packages (silc-client, silc-server, silc-toolkit), 18 status rows across 6 suites (dapper, hardy, intrepid, jaunty, karmic, upstream): not-affected 9, ignored 4, DNE 2, needs-triage 2, released 1.
The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string.