Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2008-1367

EPSS 4.36% · P89
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-1367

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux Kernel Direction Flag本地内存崩溃漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
gcc 在编辑用于如memcpy 和 memmove on x86 以及 i386那样的字符串处理函数时,不会产生一个cld指令,这会阻止direction flag (DF)违背ABI惯例时重新启动并造成在Linux内核程序处理信号的时候把数据拷贝在错误的方向从而允许依靠内容的攻击者处罚内存破坏。注意:该漏洞原本被报道成会引起SBCL中的CPU损耗。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2008-1367

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2008-1367

登录查看更多情报信息。

Same Patch Batch · n/a · 2008-03-17 · 23 CVEs total

CVE-2008-1342Polymita BPM-Suite 和 CollagePortal search feature多个跨站脚本攻击漏洞
CVE-2008-1352Edior CMS 'search.php' 目录遍历漏洞
CVE-2008-1351XOOPS Tutorials 多个SQL注入漏洞
CVE-2008-1350Fully Modded PHPBB2 'kb.php' SQL注入漏洞
CVE-2008-1349bamaGalerie 'viewcat.php' SQL注入漏洞
CVE-2008-1348eWeather 'index.php' 跨站脚本攻击漏洞
CVE-2008-1347EasyGallery 'index.php' 多个跨站脚本攻击漏洞
CVE-2008-1346EasyGallery 'index.php' SQL注入漏洞
CVE-2008-1345EasyCalendar 'calendar_backend.php' 跨站脚本攻击漏洞
CVE-2008-1344EasyCalendar 多个SQL注入漏洞
CVE-2008-1343SCO UnixWare的pkgadd命令目录遍历漏洞
CVE-2008-1365Trend Micro OfficeScan 栈缓冲区溢出漏洞
CVE-2008-1341LaGarde StoreFront 'SearchResults.aspx' SQL注入漏洞
CVE-2008-1360Nagios 未明CGI脚本跨站脚本攻击漏洞
CVE-2008-1359Invision Power Board 跨站脚本攻击漏洞
CVE-2008-1358Alt-N MDaemon IMAP服务器FETCH命令远程栈溢出漏洞
CVE-2008-1357McAfee Framework 'applib.dll库' 远程格式串处理漏洞
CVE-2008-1356Sun Solaris 10 Java Desktop System GNOME On-Screen Keyboard锁定屏幕绕过漏洞
CVE-2008-1355Jeebles Technology Jeebles Directory 'index.php'跨站脚本攻击漏洞
CVE-2008-1354Virtual Support Office XP 'MyIssuesView.asp' 远程SQL注入漏洞

Showing top 20 of 23 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2008-1367

No comments yet

Leave a comment