Lucene search

[email protected]CVE-2008-3864

HistoryJan 21, 2009 - 8:30 p.m.

CVE-2008-3864

2009-01-2120:30:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-3864

trend micro

nsc module

firewall service

denial of service

vulnerability

tmpfw.exe

officescan

internet security

nvd

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.094 Low

EPSS

Percentile

94.7%

JSON

The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allows remote attackers to cause a denial of service (service crash) via a packet with a large value in an unspecified size field.

CPENameOperatorVersion
trend_micro:internet_security_2008trend micro internet security 2008eq17.0.1224
trend_micro:internet_security_2007trend micro internet security 2007eq*
trend_micro:officescantrend micro officescaneq8.0

CPE	Name	Operator	Version
trend_micro:internet_security_2008	trend micro internet security 2008	eq	17.0.1224
trend_micro:internet_security_2007	trend micro internet security 2007	eq	*
trend_micro:officescan	trend micro officescan	eq	8.0

References

secunia.com/advisories/31160

secunia.com/advisories/33609

secunia.com/secunia_research/2008-42/

securityreason.com/securityalert/4937

www.securityfocus.com/archive/1/500195/100/0/threaded

www.securityfocus.com/bid/33358

www.securitytracker.com/id?1021614

www.securitytracker.com/id?1021615

www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt

www.vupen.com/english/advisories/2009/0191

exchange.xforce.ibmcloud.com/vulnerabilities/48106

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.094 Low

EPSS

Percentile

94.7%

JSON

Related for CVE-2008-3864

prion1 securityvulns2 nessus1 seebug1