VDB

CVE-2008-2654

CVE-2008-2654 PUBLISHED CVSS 10 CRITICAL

Off-by-one error in the read_client function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and compiler.

EPSS 7.46% · 91.9th percentile

Risk Scores

CVSS 2.0
10
EPSS Score
7.46%
91.9th percentile

Affected Products

VendorProductVersions
n/an/a*
lavrsenmotion0, 3.1.17, 3.1.19

Timeline

  • Jun 13, 2008 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score
  • Oct 30, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›