CVE-2008-3546

Name of the Vulnerable Software and Affected Versions GIT versions prior to 1.5.6.4

Description A stack-based buffer overflow issue exists in the diff addremove and diff change functions. This could potentially allow local users to execute arbitrary code by providing a PATH whose length exceeds the system's PATH MAX when running GIT utilities like git-diff or git-grep. The vulnerability may lead to a breach of confidentiality, integrity, and availability of protected information and can potentially be exploited remotely.

Recommendations For versions prior to 1.5.6.4, update to version 1.5.6.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of GIT utilities like git-diff and git-grep until the update is applied. Additionally, avoid using excessively long PATHs to minimize the risk of exploitation.