Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-x1em-879j-3uf5
Vulnerability ID VCID-x1em-879j-3uf5
Aliases CVE-2008-2829
Summary PHP contains several vulnerabilities including buffer and integer overflows which could lead to the remote execution of arbitrary code.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.09637 https://api.first.org/data/v1/epss?cve=CVE-2008-2829
epss 0.09637 https://api.first.org/data/v1/epss?cve=CVE-2008-2829
epss 0.09637 https://api.first.org/data/v1/epss?cve=CVE-2008-2829
epss 0.09637 https://api.first.org/data/v1/epss?cve=CVE-2008-2829
epss 0.09637 https://api.first.org/data/v1/epss?cve=CVE-2008-2829
epss 0.09637 https://api.first.org/data/v1/epss?cve=CVE-2008-2829
epss 0.09637 https://api.first.org/data/v1/epss?cve=CVE-2008-2829
epss 0.09637 https://api.first.org/data/v1/epss?cve=CVE-2008-2829
epss 0.09637 https://api.first.org/data/v1/epss?cve=CVE-2008-2829
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2008-2829
Reference id Reference type URL
http://bugs.php.net/bug.php?id=42862
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
http://marc.info/?l=bugtraq&m=124654546101607&w=2
http://marc.info/?l=bugtraq&m=125631037611762&w=2
http://osvdb.org/46641
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2829.json
https://api.first.org/data/v1/epss?cve=CVE-2008-2829
https://bugs.gentoo.org/show_bug.cgi?id=221969
http://secunia.com/advisories/31200
http://secunia.com/advisories/32746
http://secunia.com/advisories/35074
http://secunia.com/advisories/35306
http://secunia.com/advisories/35650
http://security.gentoo.org/glsa/glsa-200811-05.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/43357
http://support.apple.com/kb/HT3549
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
http://wiki.rpath.com/Advisories:rPSA-2009-0035
http://www.mandriva.com/security/advisories?name=MDVSA-2008:126
http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
http://www.mandriva.com/security/advisories?name=MDVSA-2008:128
http://www.openwall.com/lists/oss-security/2008/06/19/6
http://www.openwall.com/lists/oss-security/2008/06/24/2
http://www.securityfocus.com/archive/1/501376/100/0/threaded
http://www.securityfocus.com/bid/29829
http://www.ubuntu.com/usn/usn-628-1
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
http://www.vupen.com/english/advisories/2009/1297
452808 https://bugzilla.redhat.com/show_bug.cgi?id=452808
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
CVE-2008-2829 https://nvd.nist.gov/vuln/detail/CVE-2008-2829
GLSA-200811-05 https://security.gentoo.org/glsa/200811-05
USN-628-1 https://usn.ubuntu.com/628-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-2829
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.92868
EPSS Score 0.09637
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:01:56.024591+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/200811-05 38.0.0