Lucene search

K
cve[email protected]CVE-2008-4403
HistoryOct 03, 2008 - 3:07 p.m.

CVE-2008-4403

2008-10-0315:07:10
CWE-399
web.nvd.nist.gov
17
trend micro
officescan
cgi modules
denial of service
http headers

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.04 Low

EPSS

Percentile

92.2%

The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via crafted HTTP headers, related to the “error handling mechanism.”

Affected configurations

NVD
Node
trend_microofficescanMatch8.0sp1
OR
trend_microofficescanMatch8.0sp1_patch1

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.04 Low

EPSS

Percentile

92.2%

Related for CVE-2008-4403