CVE-2008-2080
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-2080
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
NASA CDF库src/lib/cdfread64.c文件栈溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
通用数据格式(CDF)是由NASA戈达德航天飞行中心开发的用于存储和操控标量和多维数据的数据格式。 CDF库在打开无效的CDF输入文件时存在栈溢出漏洞,允许攻击者在使用该库的应用程序环境中执行任意指令或导致整个应用程序崩溃。 漏洞存在于src/lib/cdfread64.c文件的以下代码中。Read32s_64函数将数据从文件读取到缓冲区,temp缓冲区大小为MAX_READ32s,但没有检查count参数,因此大于MAX_READ32s的参数可能会触发栈溢出。 /----------- 57 STATI
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-2080
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-2080
请登录查看更多情报信息。
- http://cdf.gsfc.nasa.gov/CDF32_buffer_overflow.htmlx_refsource_CONFIRM
- http://www.coresecurity.com/?action=item&id=2260x_refsource_MISC
- Common Data Format library: User-assisted execution of arbitrary code (GLSA 200805-14) — Gentoo securityvendor-advisoryx_refsource_GENTOO
- https://nvd.nist.gov/vuln/detail/CVE-2008-2080
Same Patch Batch · n/a · 2008-05-06 · 11 CVEs total
| CVE-2008-2091 | KubeLabs Kubelance 'ipn.php' 本地文件包含漏洞 | |
| CVE-2008-2092 | Linksys SPA-2102 Phone Adapter Packet Handling 拒绝服务漏洞 | |
| CVE-2008-2093 | Joomla! and Mambo Community Builder 'com_profiler' Component 'index.php' SQL注入漏洞 | |
| CVE-2008-2094 | XOOPS Article Module 'article.php' SQL注入漏洞 | |
| CVE-2008-2095 | Joomla! FlippingBook Component 'book_id' 参数SQL注入漏洞 | |
| CVE-2008-2005 | WonderWare SuiteLink slssvc.exe远程拒绝服务漏洞 | |
| CVE-2008-2087 | Softbiz Web Host Directory Script 'search_result.php' SQL注入漏洞 | |
| CVE-2008-2088 | PHP Forge 'id' Parameter SQL注入漏洞 | |
| CVE-2008-2089 | Sun Solaris 10 未明SCTP协议处理远程拒绝服务漏洞 | |
| CVE-2008-2090 | Sun Solaris SCTP Network Flooding 远程拒绝服务漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2008-2080
No comments yet