{"api_version":"1","generated_at":"2026-05-11T20:55:14+00:00","cve":"CVE-2008-6005","urls":{"html":"https://cve.report/CVE-2008-6005","api":"https://cve.report/api/cve/CVE-2008-6005.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2008-6005","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2008-6005"},"summary":{"title":"CVE-2008-6005","description":"Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via \"duplicated\" attribute value inputs.","state":"PUBLISHED","assigner":"mitre","published_at":"2009-01-28 20:30:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507587#15","name":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507587#15","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"],"title":"#507587 - CVE-2008-5282,CVE-2008-6005,CVE-2009-0323: multiple buffer overflows - Debian Bug report logs","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/33736","name":"http://www.securityfocus.com/bid/33736","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"W3C Amaya 'CheckUniqueName()' Multiple Stack Based Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2008-6005","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-6005","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2008","cve_id":"6005","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"w3c","cpe5":"amaya_web_browser","cpe6":"10.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"6005","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"w3c","cpe5":"amaya_web_browser","cpe6":"11.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T11:13:13.967Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507587#15"},{"name":"33736","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/33736"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-12-23T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via \"duplicated\" attribute value inputs."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2009-02-17T10:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507587#15"},{"name":"33736","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/33736"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2008-6005","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via \"duplicated\" attribute value inputs."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507587#15","refsource":"CONFIRM","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507587#15"},{"name":"33736","refsource":"BID","url":"http://www.securityfocus.com/bid/33736"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2008-6005","datePublished":"2009-01-28T20:00:00.000Z","dateReserved":"2009-01-28T00:00:00.000Z","dateUpdated":"2024-08-07T11:13:13.967Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2009-01-28 20:30:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:w3c:amaya_web_browser:10.0.1:*:*:*:*:*:*:*","matchCriteriaId":"E1CE9DE5-7228-427A-8E6F-37DE9C000F29"},{"vulnerable":true,"criteria":"cpe:2.3:a:w3c:amaya_web_browser:11.0.1:*:*:*:*:*:*:*","matchCriteriaId":"6CC75B09-804C-4E9B-A6A4-6AF3CB3F4440"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2008","CveId":"6005","Ordinal":"1","Title":"CVE-2008-6005","CVE":"CVE-2008-6005","Year":"2008"},"notes":[{"CveYear":"2008","CveId":"6005","Ordinal":"1","NoteData":"Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via \"duplicated\" attribute value inputs.","Type":"Description","Title":"CVE-2008-6005"},{"CveYear":"2008","CveId":"6005","Ordinal":"2","NoteData":"2009-01-28","Type":"Other","Title":"Published"},{"CveYear":"2008","CveId":"6005","Ordinal":"3","NoteData":"2009-02-17","Type":"Other","Title":"Modified"}]}}}