Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-8080

Опубликовано: 13 апр. 2016
Источник: ubuntu
Приоритет: medium
CVSS2: 5
CVSS3: 7.5

Описание

Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

5:4.0.9-1
devel

not-affected

5:4.0.11-2
esm-apps/bionic

not-affected

5:4.0.9-1
esm-apps/xenial

not-affected

2:3.0.6-1
esm-infra-legacy/trusty

released

2:2.8.4-2ubuntu0.2
precise

ignored

end of life
precise/esm

DNE

precise was needs-triage
trusty

released

2:2.8.4-2ubuntu0.2
trusty/esm

released

2:2.8.4-2ubuntu0.2

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2015-8080

redhat
больше 10 лет назад

Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.

nvd логотип

CVE-2015-8080

CVSS3: 7.5
nvd
почти 10 лет назад

Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.

debian логотип

CVE-2015-8080

CVSS3: 7.5
debian
почти 10 лет назад

Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x ...

suse-cvrf логотип

openSUSE-SU-2016:1444-1

suse-cvrf
больше 9 лет назад

Security update for redis

github логотип

GHSA-4r9x-2fwv-q8g6

CVSS3: 7.5
github
больше 3 лет назад

Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.

5 Medium

CVSS2

7.5 High

CVSS3