VYPR
Unrated severityNVD Advisory· Published Mar 17, 2008· Updated Jun 16, 2026

CVE-2008-0888

CVE-2008-0888

Description

The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:unzip_project:unzip:*:*:*:*:*:*:*:*
    Range: <6.0
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
    Range: <10.6.3
  • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • Range: 0

Patches

Vulnerability mechanics

References

31

News mentions

0

No linked articles in our index yet.