CVE-2008-4575

jhead < 2.84 - Buffer Overflow via Long -cmd Argument

Title source: llm
STIX 2.1

Description

Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows."

References (7)

Core 7
Core References
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31770
Various Sources x_refsource_confirm
http://www.sentex.net/~mwandel/jhead/changes.txt
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32363
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/10/15/6

Scores

EPSS 0.0173
EPSS Percentile 74.9%

Details

CWE
CWE-119
Status published
Products (20)
sentex/jhead 1.2
sentex/jhead 1.3
sentex/jhead 1.4
sentex/jhead 1.5
sentex/jhead 1.6
sentex/jhead 1.7
sentex/jhead 1.8
sentex/jhead 1.9
sentex/jhead 2.0
sentex/jhead 2.1
... and 10 more
Published Oct 15, 2008
Tracked Since Feb 18, 2026