PT-2008-1087 · Pan · Pan

Published 2008-06-02 · Updated 2017-08-08 · CVE-2008-2363

CVSS v2.0: 9.3 High

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Pan versions 0.132 and earlier

Description

The issue is related to the PartsBatch class, which does not properly manage data structures for Parts batches. This allows remote attackers to cause a denial of service, potentially leading to an application crash, and possibly execute arbitrary code via a crafted .nzb file that triggers a heap-based buffer overflow. The vulnerability may also lead to a violation of confidentiality, integrity, and availability of protected information.

Recommendations

For Pan versions 0.132 and earlier, as a temporary workaround, consider restricting the use of the PartsBatch class until a patch is available. Avoid using crafted .nzb files that may trigger a heap-based buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2015-09342
CVE-2008-2363
OPENSUSE-SU-2024:11147-1

Affected Products

Pan