CVE-2008-1384 - Vulnerability Details - OpenCVE

Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions).

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Php	Php

Configuration 1 [-]

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120&view=markup
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
http://secunia.com/advisories/30158
http://secunia.com/advisories/30345
http://secunia.com/advisories/30411
http://secunia.com/advisories/30967
http://secunia.com/advisories/31200
http://secunia.com/advisories/32746
http://security.gentoo.org/glsa/glsa-200811-05.xml
http://securityreason.com/achievement_securityalert/52
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178
http://www.debian.org/security/2008/dsa-1572
http://www.mandriva.com/security/advisories?name=MDVSA-2009:022
http://www.mandriva.com/security/advisories?name=MDVSA-2009:023
http://www.securityfocus.com/archive/1/489962/100/0/threaded
http://www.securityfocus.com/archive/1/492535/100/0/threaded
http://www.securityfocus.com/archive/1/492671/100/0/threaded
http://www.securityfocus.com/bid/28392
http://www.ubuntu.com/usn/usn-628-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/41386
https://issues.rpath.com/browse/RPL-2503

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-03-27T17:00:00

Updated: 2024-08-07T08:17:34.576Z

Reserved: 2008-03-18T00:00:00

Link: CVE-2008-1384

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-03-27T17:44:00.000

Modified: 2024-11-21T00:44:25.217

Link: CVE-2008-1384

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-03-20T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/492535/100/0/threaded"}, {"name": "20080321 {securityreason.com}PHP 5 *printf() - Integer Overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/489962/100/0/threaded"}, {"name": "32746", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32746"}, {"name": "GLSA-200811-05", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200811-05.xml"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120&view=markup"}, {"name": "DSA-1572", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1572"}, {"name": "30345", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30345"}, {"name": "USN-628-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-628-1"}, {"name": "30967", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30967"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176"}, {"name": "php-phpsprintfappendstring-overflow(41386)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41386"}, {"name": "20080527 rPSA-2008-0178-1 php php-mysql php-pgsql", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"}, {"name": "30411", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30411"}, {"name": "30158", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30158"}, {"name": "MDVSA-2009:023", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"}, {"name": "MDVSA-2009:022", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"}, {"name": "28392", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28392"}, {"name": "31200", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31200"}, {"name": "SUSE-SR:2008:014", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2503"}, {"name": "20080320 PHP 5.2.5 and prior : *printf() functions Integer Overflow", "tags": ["third-party-advisory", "x_refsource_SREASONRES"], "url": "http://securityreason.com/achievement_securityalert/52"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1384", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/492535/100/0/threaded"}, {"name": "20080321 {securityreason.com}PHP 5 *printf() - Integer Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/489962/100/0/threaded"}, {"name": "32746", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32746"}, {"name": "GLSA-200811-05", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200811-05.xml"}, {"name": "http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120&view=markup", "refsource": "CONFIRM", "url": "http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120&view=markup"}, {"name": "DSA-1572", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1572"}, {"name": "30345", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30345"}, {"name": "USN-628-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-628-1"}, {"name": "30967", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30967"}, {"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176"}, {"name": "php-phpsprintfappendstring-overflow(41386)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41386"}, {"name": "20080527 rPSA-2008-0178-1 php php-mysql php-pgsql", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"}, {"name": "30411", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30411"}, {"name": "30158", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30158"}, {"name": "MDVSA-2009:023", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"}, {"name": "MDVSA-2009:022", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"}, {"name": "28392", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28392"}, {"name": "31200", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31200"}, {"name": "SUSE-SR:2008:014", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"}, {"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"}, {"name": "https://issues.rpath.com/browse/RPL-2503", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2503"}, {"name": "20080320 PHP 5.2.5 and prior : *printf() functions Integer Overflow", "refsource": "SREASONRES", "url": "http://securityreason.com/achievement_securityalert/52"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:17:34.576Z"}, "title": "CVE Program Container", "references": [{"name": "20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/492535/100/0/threaded"}, {"name": "20080321 {securityreason.com}PHP 5 *printf() - Integer Overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/489962/100/0/threaded"}, {"name": "32746", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32746"}, {"name": "GLSA-200811-05", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200811-05.xml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120&view=markup"}, {"name": "DSA-1572", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1572"}, {"name": "30345", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30345"}, {"name": "USN-628-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-628-1"}, {"name": "30967", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30967"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176"}, {"name": "php-phpsprintfappendstring-overflow(41386)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41386"}, {"name": "20080527 rPSA-2008-0178-1 php php-mysql php-pgsql", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"}, {"name": "30411", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30411"}, {"name": "30158", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30158"}, {"name": "MDVSA-2009:023", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"}, {"name": "MDVSA-2009:022", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"}, {"name": "28392", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28392"}, {"name": "31200", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31200"}, {"name": "SUSE-SR:2008:014", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-2503"}, {"name": "20080320 PHP 5.2.5 and prior : *printf() functions Integer Overflow", "tags": ["third-party-advisory", "x_refsource_SREASONRES", "x_transferred"], "url": "http://securityreason.com/achievement_securityalert/52"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1384", "datePublished": "2008-03-27T17:00:00", "dateReserved": "2008-03-18T00:00:00", "dateUpdated": "2024-08-07T08:17:34.576Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "18255FF5-3F40-483F-85DC-21D9B6B4FE07", "versionEndIncluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions)."}, {"lang": "es", "value": "Desbordamiento de entero en PHP 5.2.5 y versiones anteriores permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio y posiblemente tener otros impactos no especificados a trav\u00e9s de un par\u00e1metro de formato printf con un especificador de gran anchura, en relaci\u00f3n a la funci\u00f3n php_sprintf_appendstring en formatted_print.c y posiblemente otras funciones para cadenas de formato (tambi\u00e9n conocido como funciones *printf)."}], "id": "CVE-2008-1384", "lastModified": "2024-11-21T00:44:25.217", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-03-27T17:44:00.000", "references": [{"source": "cve@mitre.org", "url": "http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120&view=markup"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30158"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30345"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30411"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30967"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/31200"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/32746"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200811-05.xml"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securityreason.com/achievement_securityalert/52"}, {"source": "cve@mitre.org", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176"}, {"source": "cve@mitre.org", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1572"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/489962/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/492535/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/28392"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-628-1"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41386"}, {"source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-2503"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120&view=markup"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30158"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30345"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30411"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30967"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31200"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/32746"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200811-05.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://securityreason.com/achievement_securityalert/52"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1572"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/489962/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/492535/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/28392"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-628-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41386"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2503"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Red Hat do not consider this to be a security vulnerability:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-1384", "lastModified": "2008-03-28T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}