PT-2008-3999 · Bigview · Bigview

Alfredo Ortega

Published

2008-06-05

Updated

2018-10-11

CVE-2008-2542

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions BigView version 1.8

Description The issue is related to a stack-based buffer overflow in the getline function, which can be exploited by user-assisted remote attackers. This is achieved through a crafted PNM file, allowing the execution of arbitrary code.

Recommendations For BigView version 1.8, update to a version that fixes the stack-based buffer overflow in the getline function, if available. As a temporary workaround, consider restricting the use of the getline function in Ppm/ppm.C to minimize the risk of exploitation. Avoid using BigView to open crafted PNM files until the issue is resolved.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2008-2542

Affected Products

Bigview

PT-2008-3999 · Bigview · Bigview

CVE-2008-2542

Weakness Enumeration

Related Identifiers

Affected Products

References · 9