CVE: CVE-2008-6393

Export to Word

PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer overflow.

Threat-Mapped Scoring

Score: 1.9

Priority: P3 - Important (Medium)

S9 – Sabotage of System/App
S10 – Denial of Service (+0.1 bonus)

EPSS

Score: 0.25457
Percentile: 0.95966

CVSS Scoring

CVSS v2 Score: 10.0

Severity:

Affected Products

cpe:2.3:a:psi-im:psi:*:*:*:*:*:*:*:*
cpe:2.3:a:psi-im:psi:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:psi-im:psi:0.8.6:*:*:*:*:*:*:*
cpe:2.3:a:psi-im:psi:0.8.7:*:*:*:*:*:*:*
cpe:2.3:a:psi-im:psi:0.9:*:*:*:*:*:*:*
cpe:2.3:a:psi-im:psi:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:psi-im:psi:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:psi-im:psi:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:psi-im:psi:0.11:*:*:*:*:*:*:*

← Back to Home