CVE-2008-0122
EPSS 1.7%
Description
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
How to fix CVE-2008-0122
To remediate CVE-2008-0122, upgrade the affected package to a fixed version below.
- Debian/glibc—upgrade to 2.2-1 or later
Is CVE-2008-0122 being exploited?
Low — EPSS is 1.7%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.2-1