cpe:/a:libspf:libspf2:1.0.2 cpe:/a:libspf:libspf2:1.0.3 cpe:/a:libspf:libspf2:1.0.4 cpe:/a:libspf:libspf2:1.2.1 cpe:/a:libspf:libspf2:1.2.3 cpe:/a:libspf:libspf2:1.2.4 cpe:/a:libspf:libspf2:1.2.5 cpe:/a:libspf:libspf2:1.2.6 cpe:/a:libspf:libspf2:1.2.7 CVE-2008-2469 2008-10-23T18:00:01.073-04:00 2017-09-28T21:31:10.960-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-10-24T12:38:00.000-04:00 BID 31881 SECUNIA 32396 SECUNIA 32450 SECUNIA 32496 SECUNIA 32720 SREASON 4487 EXPLOIT-DB 6805 VUPEN ADV-2008-2896 DEBIAN DSA-1659 GENTOO GLSA-200810-03 CERT-VN VU#183657 CONFIRM http://bugs.gentoo.org/show_bug.cgi?format=multiple&id=242254 CONFIRM http://up2date.astaro.com/2008/11/up2date_7305_released.html MISC http://www.doxpara.com/?p=1263 MISC http://www.doxpara.com/?page_id=1256 CONFIRM https://answers.launchpad.net/ubuntu/gutsy/+source/libspf2/1.2.5.dfsg-4ubuntu0.7.10.1 CONFIRM https://bugs.launchpad.net/ubuntu/feisty/+source/libspf2/+bug/271025 XF libspf2-dnstxtrecord-bo(46055) Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.