CVE-2008-2654

EPSS 7.5%

Published: 6/13/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-2654

Description

Off-by-one error in the read_client function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and compiler.

Affected packages (1)

Debian/motionfrom 0, < 3.2.9-3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-2654