CVE-2008-3910

CVE-2008-3910 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

dns2tcp before 0.4.1 does not properly handle negative values in a certain length field in the input argument to the (1) dns_simple_decode or (2) dns_decode function, which allows remote attackers to overwrite a buffer and have unspecified other impact.

Learn more about our Web Application Penetration Testing UK.