Vulnerability Description
Stack-based buffer overflow in the CLogger::WriteFormated function in echoware/Logger.cpp in EchoVNC Linux before 1.1.2 allows remote echoServers to execute arbitrary code via a large (1) group or (2) user list, aka a "very crowded echoServer" attack. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Echovnc | Echovnc | <= 1.1.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31526Vendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=620019&group_id=133100
- http://www.securityfocus.com/bid/30722
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44501
- http://secunia.com/advisories/31526Vendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=620019&group_id=133100
- http://www.securityfocus.com/bid/30722
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44501
FAQ
What is CVE-2008-3705?
CVE-2008-3705 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in the CLogger::WriteFormated function in echoware/Logger.cpp in EchoVNC Linux before 1.1.2 allows remote echoServers to execute arbitrary code via a large (1) group or (2)...
How severe is CVE-2008-3705?
CVE-2008-3705 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3705?
Check the references section above for vendor advisories and patch information. Affected products include: Echovnc Echovnc.