VDB
CVE-2008-2080
CVE-2008-2080
PUBLISHED
CVSS 7.5 HIGH
Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.
EPSS 1.08% · 78.2th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
1.08%
78.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| nasa_goddard_space_flight_center | common_data_format | 2.0, 2.1, 2.2 |
Timeline
- May 6, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- http://cdf.gsfc.nasa.gov/CDF32_buffer_overflow.html url
- http://www.coresecurity.com/?action=item&id=2260 url
- cdf-read32s64-bo(42219) vdb
- ADV-2008-1440 vdb
- 1019965 vdb
- GLSA-200805-14 vendor-advisory
- 29045 vdb
- 30053 third-party-advisory
- 30169 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2008-2080 advisory