Vulnerabilites related to linux - parduslinux
Vulnerability from fkie_nvd
Published
2008-08-07 21:41
Modified
2024-11-21 00:49
Severity ?
Summary
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.
References
cve@mitre.orghttp://kerneltrap.org/mailarchive/git/2008/7/16/2529284Exploit
cve@mitre.orghttp://secunia.com/advisories/31347Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31780
cve@mitre.orghttp://secunia.com/advisories/32029
cve@mitre.orghttp://secunia.com/advisories/32384
cve@mitre.orghttp://secunia.com/advisories/33964
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200809-16.xml
cve@mitre.orghttp://wiki.rpath.com/Advisories:rPSA-2008-0253
cve@mitre.orghttp://www.debian.org/security/2008/dsa-1637
cve@mitre.orghttp://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt
cve@mitre.orghttp://www.securityfocus.com/archive/1/495391/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/30549
cve@mitre.orghttp://www.securitytracker.com/id?1020627
cve@mitre.orghttp://www.ubuntu.com/usn/USN-723-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2306
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/44217
cve@mitre.orghttps://issues.rpath.com/browse/RPL-2707
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html
af854a3a-2127-422b-91ae-364da2661108http://kerneltrap.org/mailarchive/git/2008/7/16/2529284Exploit
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31347Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31780
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32029
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32384
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33964
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200809-16.xml
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2008-0253
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1637
af854a3a-2127-422b-91ae-364da2661108http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/495391/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30549
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020627
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-723-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2306
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/44217
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-2707
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html
Impacted products
Vendor Product Version
linux parduslinux 2007
linux parduslinux 2008
git git 1.5.5.3
git git 1.5.5.3
git git 1.5.5.4
git git 1.5.6.1
git git 1.5.6.2
git git 1.5.6.3


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:parduslinux:2007:*:*:*:*:*:*:*",
                     matchCriteriaId: "D249E4F6-FD0D-4E0D-9B44-9C92F5554BDB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:parduslinux:2008:*:*:*:*:*:*:*",
                     matchCriteriaId: "D709875E-1618-4078-96A7-2E6B5F5B2623",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:git:git:1.5.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C0605BA-481D-4E71-8D57-A99F8CDB7492",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:git:git:1.5.5.3:r1:*:*:*:*:*:*",
                     matchCriteriaId: "FF740C26-5EB6-4184-93C3-DAC38F01CE25",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:git:git:1.5.5.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "668F528C-50BC-4944-9DC3-95D0413D2359",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:git:git:1.5.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "AECFAEA8-3B87-4BFE-98A3-58F5129D9BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:git:git:1.5.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6228681-1150-4B80-AFB0-451BAEB393A4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:git:git:1.5.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E807BBE3-A2EC-4EA2-8222-7A02D03848D6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.",
      },
      {
         lang: "es",
         value: "Desbordamiento de búfer basado en pila de las funciones (1) diff_addremove y (2) diff_change en GIT versiones anteriores a la 1.5.6.4, podría permitir a usuarios locales ejecutar código arbitrariamente a través de un PATH de longitud mayor a PATH_MAX del sistema cuando se ejecutan las utilidades GIT como git-diff o git-grep.",
      },
   ],
   id: "CVE-2008-3546",
   lastModified: "2024-11-21T00:49:30.393",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2008-08-07T21:41:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
         ],
         url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/31347",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/31780",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/32029",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/32384",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/33964",
      },
      {
         source: "cve@mitre.org",
         url: "http://security.gentoo.org/glsa/glsa-200809-16.xml",
      },
      {
         source: "cve@mitre.org",
         url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.debian.org/security/2008/dsa-1637",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/bid/30549",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securitytracker.com/id?1020627",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.ubuntu.com/usn/USN-723-1",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2008/2306",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217",
      },
      {
         source: "cve@mitre.org",
         url: "https://issues.rpath.com/browse/RPL-2707",
      },
      {
         source: "cve@mitre.org",
         url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
         ],
         url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/31347",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/31780",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/32029",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/32384",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/33964",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://security.gentoo.org/glsa/glsa-200809-16.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2008/dsa-1637",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/30549",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1020627",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.ubuntu.com/usn/USN-723-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2008/2306",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://issues.rpath.com/browse/RPL-2707",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2008-3546
Vulnerability from cvelistv5
Published
2008-08-07 21:00
Modified
2024-08-07 09:45
Severity ?
Summary
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.
References
http://www.securityfocus.com/archive/1/495391/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txtx_refsource_CONFIRM
http://secunia.com/advisories/32029third-party-advisory, x_refsource_SECUNIA
http://wiki.rpath.com/Advisories:rPSA-2008-0253x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/44217vdb-entry, x_refsource_XF
http://secunia.com/advisories/33964third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-2707x_refsource_CONFIRM
http://secunia.com/advisories/31347third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200809-16.xmlvendor-advisory, x_refsource_GENTOO
http://www.debian.org/security/2008/dsa-1637vendor-advisory, x_refsource_DEBIAN
http://kerneltrap.org/mailarchive/git/2008/7/16/2529284mailing-list, x_refsource_MLIST
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.htmlvendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/32384third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/30549vdb-entry, x_refsource_BID
http://www.vupen.com/english/advisories/2008/2306vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1020627vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/31780third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-723-1vendor-advisory, x_refsource_UBUNTU
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T09:45:18.573Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20080812 rPSA-2008-0253-1 git gitweb",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt",
               },
               {
                  name: "32029",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/32029",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253",
               },
               {
                  name: "git-multiple-bo(44217)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217",
               },
               {
                  name: "33964",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/33964",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://issues.rpath.com/browse/RPL-2707",
               },
               {
                  name: "31347",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/31347",
               },
               {
                  name: "GLSA-200809-16",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://security.gentoo.org/glsa/glsa-200809-16.xml",
               },
               {
                  name: "DSA-1637",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2008/dsa-1637",
               },
               {
                  name: "[git] 20080716 [PATCH] Fix buffer overflow in git diff",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284",
               },
               {
                  name: "FEDORA-2008-9080",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html",
               },
               {
                  name: "32384",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/32384",
               },
               {
                  name: "30549",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/30549",
               },
               {
                  name: "ADV-2008-2306",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2008/2306",
               },
               {
                  name: "1020627",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1020627",
               },
               {
                  name: "31780",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/31780",
               },
               {
                  name: "USN-723-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-723-1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2008-07-20T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-11T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "20080812 rPSA-2008-0253-1 git gitweb",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt",
            },
            {
               name: "32029",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/32029",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253",
            },
            {
               name: "git-multiple-bo(44217)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217",
            },
            {
               name: "33964",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/33964",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://issues.rpath.com/browse/RPL-2707",
            },
            {
               name: "31347",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/31347",
            },
            {
               name: "GLSA-200809-16",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://security.gentoo.org/glsa/glsa-200809-16.xml",
            },
            {
               name: "DSA-1637",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2008/dsa-1637",
            },
            {
               name: "[git] 20080716 [PATCH] Fix buffer overflow in git diff",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284",
            },
            {
               name: "FEDORA-2008-9080",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html",
            },
            {
               name: "32384",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/32384",
            },
            {
               name: "30549",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/30549",
            },
            {
               name: "ADV-2008-2306",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2008/2306",
            },
            {
               name: "1020627",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1020627",
            },
            {
               name: "31780",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/31780",
            },
            {
               name: "USN-723-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-723-1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2008-3546",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20080812 rPSA-2008-0253-1 git gitweb",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded",
                  },
                  {
                     name: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt",
                  },
                  {
                     name: "32029",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/32029",
                  },
                  {
                     name: "http://wiki.rpath.com/Advisories:rPSA-2008-0253",
                     refsource: "CONFIRM",
                     url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253",
                  },
                  {
                     name: "git-multiple-bo(44217)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217",
                  },
                  {
                     name: "33964",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/33964",
                  },
                  {
                     name: "https://issues.rpath.com/browse/RPL-2707",
                     refsource: "CONFIRM",
                     url: "https://issues.rpath.com/browse/RPL-2707",
                  },
                  {
                     name: "31347",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/31347",
                  },
                  {
                     name: "GLSA-200809-16",
                     refsource: "GENTOO",
                     url: "http://security.gentoo.org/glsa/glsa-200809-16.xml",
                  },
                  {
                     name: "DSA-1637",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2008/dsa-1637",
                  },
                  {
                     name: "[git] 20080716 [PATCH] Fix buffer overflow in git diff",
                     refsource: "MLIST",
                     url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284",
                  },
                  {
                     name: "FEDORA-2008-9080",
                     refsource: "FEDORA",
                     url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html",
                  },
                  {
                     name: "32384",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/32384",
                  },
                  {
                     name: "30549",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/30549",
                  },
                  {
                     name: "ADV-2008-2306",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2008/2306",
                  },
                  {
                     name: "1020627",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1020627",
                  },
                  {
                     name: "31780",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/31780",
                  },
                  {
                     name: "USN-723-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-723-1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2008-3546",
      datePublished: "2008-08-07T21:00:00",
      dateReserved: "2008-08-07T00:00:00",
      dateUpdated: "2024-08-07T09:45:18.573Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}