{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T04:44:24.404","vulnerabilities":[{"cve":{"id":"CVE-2008-0888","sourceIdentifier":"secalert@redhat.com","published":"2008-03-17T21:44:00.000","lastModified":"2025-05-01T15:33:00.470","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data."},{"lang":"es","value":"La macro NEEDBITS en la función inflate_dynamic en el archivo inflate.c para unzip puede ser invocada usando búferes no válidos, lo que permite a los atacantes remotos causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario por medio de vectores desconocidos que activan una liberación de datos no inicializados o previamente liberados."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","matchCriteriaId":"454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*","matchCriteriaId":"23E304C9-F780-4358-A58D-1E4C93977704"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","matchCriteriaId":"6EBDAFF8-DE44-4E80-B6BD-E341F767F501"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","matchCriteriaId":"823BF8BE-2309-4F67-A5E2-EAD98F723468"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","versionEndExcluding":"10.6.3","matchCriteriaId":"04C722E3-68B2-4E05-BFE0-1F2139151165"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","matchCriteriaId":"0F92AB32-E7DE-43F4-B877-1F41FA162EC7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:unzip_project:unzip:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0","matchCriteriaId":"35DEE12E-4FBC-4641-A3A2-88E5EF0B1F32"}]}]}],"references":[{"url":"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://secunia.com/advisories/29392","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29406","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29415","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29427","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29432","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29440","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29495","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29681","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/30535","source":"secalert@redhat.com","tags":["Broken Link","Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/31204","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://security.gentoo.org/glsa/glsa-200804-06.xml","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://support.apple.com/kb/HT4077","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://wiki.rpath.com/Advisories:rPSA-2008-0116","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"http://www.debian.org/security/2008/dsa-1522","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://www.ipcop.org/index.php?name=News&file=article&sid=40","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:068","source":"secalert@redhat.com","tags":["Not Applicable"]},{"url":"http://www.redhat.com/support/errata/RHSA-2008-0196.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/archive/1/489967/100/0/threaded","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"http://www.securityfocus.com/archive/1/493080/100/0/threaded","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"http://www.securityfocus.com/bid/28288","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"http://www.securitytracker.com/id?1019634","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"http://www.ubuntu.com/usn/usn-589-1","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://www.vmware.com/security/advisories/VMSA-2008-0009.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://www.vupen.com/english/advisories/2008/0913/references","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://www.vupen.com/english/advisories/2008/1744","source":"secalert@redhat.com","tags":["Broken Link","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/41246","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://issues.rpath.com/browse/RPL-2317","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9733","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://secunia.com/advisories/29392","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29406","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29415","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29427","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29432","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29440","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29495","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/29681","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://secunia.com/advisories/30535","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/31204","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://security.gentoo.org/glsa/glsa-200804-06.xml","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://support.apple.com/kb/HT4077","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://wiki.rpath.com/Advisories:rPSA-2008-0116","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://www.debian.org/security/2008/dsa-1522","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.ipcop.org/index.php?name=News&file=article&sid=40","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:068","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"http://www.redhat.com/support/errata/RHSA-2008-0196.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/archive/1/489967/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://www.securityfocus.com/archive/1/493080/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://www.securityfocus.com/bid/28288","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://www.securitytracker.com/id?1019634","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://www.ubuntu.com/usn/usn-589-1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.vmware.com/security/advisories/VMSA-2008-0009.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.vupen.com/english/advisories/2008/0913/references","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://www.vupen.com/english/advisories/2008/1744","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/41246","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://issues.rpath.com/browse/RPL-2317","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9733","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}}]}