CVE-2008-4396
FileAlyzer 1.6.0.0 and 1.6.0.4 beta - Stack-Based Buffer Overflow via Malformed Executable Version Data
Title source: llmDescription
Stack-based buffer overflow in Safer Networking FileAlyzer 1.6.0.0 and 1.6.0.4 beta, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via an executable with malformed version data.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45516
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.org/0809-advisories/filealyzer-overflow.txt
Various Sources x_refsource_misc
http://forums.spybot.info/showthread.php?t=34737
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31474
Various Sources x_refsource_misc
http://lostmon.blogspot.com/2008/09/filealyzer-1604-stak-overflow.html
Scores
EPSS
0.0409
EPSS Percentile
89.6%
Details
CWE
CWE-119
Status
published
Products (2)
safer_networking/filealyzer
1.6.0.0
safer_networking/filealyzer
1.6.0.4 beta
Published
Oct 02, 2008
Tracked Since
Feb 18, 2026