Back to search
CVE-2008-3546
Published: Aug 7, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20080812 rPSA-2008-0253-1 git gitweb
mailing-list
x_refsource_BUGTRAQ
http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt
x_refsource_CONFIRM
32029
third-party-advisory
x_refsource_SECUNIA
http://wiki.rpath.com/Advisories:rPSA-2008-0253
x_refsource_CONFIRM
git-multiple-bo(44217)
vdb-entry
x_refsource_XF
33964
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-2707
x_refsource_CONFIRM
31347
third-party-advisory
x_refsource_SECUNIA
GLSA-200809-16
vendor-advisory
x_refsource_GENTOO
DSA-1637
vendor-advisory
x_refsource_DEBIAN
[git] 20080716 [PATCH] Fix buffer overflow in git diff
mailing-list
x_refsource_MLIST
FEDORA-2008-9080
vendor-advisory
x_refsource_FEDORA
32384
third-party-advisory
x_refsource_SECUNIA
30549
vdb-entry
x_refsource_BID
ADV-2008-2306
vdb-entry
x_refsource_VUPEN
1020627
vdb-entry
x_refsource_SECTRACK
31780
third-party-advisory
x_refsource_SECUNIA
USN-723-1
vendor-advisory
x_refsource_UBUNTU
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now