{
  "modified": "2025-08-09T19:01:29Z",
  "published": "2008-07-16T18:41:00Z",
  "id": "CVE-2008-3196",
  "details": "skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack pointer points to the end of the stack.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/31073"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2008/2151/references"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=openbsd-cvs\u0026m=121553004431393\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=openbsd-cvs\u0026m=121553036432044\u0026w=2"
    }
  ]
}
