Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-8crf-hmct-5uf5
Vulnerability ID VCID-8crf-hmct-5uf5
Aliases CVE-2008-2719
Summary Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-193 Off-by-one Error
System Score Found at
epss 0.02934 https://api.first.org/data/v1/epss?cve=CVE-2008-2719
epss 0.02934 https://api.first.org/data/v1/epss?cve=CVE-2008-2719
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2719.json
https://api.first.org/data/v1/epss?cve=CVE-2008-2719
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2719
451995 https://bugzilla.redhat.com/show_bug.cgi?id=451995
486715 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486715
CVE-2008-2719;OSVDB-46090 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31903.asm
CVE-2008-2719;OSVDB-46090 Exploit https://www.securityfocus.com/bid/29656/info
USN-648-1 https://usn.ubuntu.com/648-1/
Data source Exploit-DB
Date added June 21, 2008
Description NASM 2.0 - 'ppscan()' Off-by-One Buffer Overflow
Ransomware campaign use Known
Source publication date June 21, 2008
Exploit type remote
Platform linux
Source update date Feb. 26, 2014
Source URL https://www.securityfocus.com/bid/29656/info
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.86687
EPSS Score 0.02934
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T17:03:21.577043+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0