Lucene search
K
PerforcePerforce Server

10 matches found

CVE
CVE
added 2010/03/05 7:0 p.m.49 views

CVE-2010-0929

CVE-2010-0929 affects Perforce Server 2008.1 (p4s.exe) and is a remote denial-of-service vulnerability triggered by crafted data beginning with the byte sequence 0x4C, 0xB3, 0xFF, 0xFF, 0xFF. The Perforce service may crash a daemon when processing such input, per multiple sources. The available d...

5CVSS6.8AI score0.01139EPSS
CVE
CVE
added 2010/03/05 7:0 p.m.49 views

CVE-2010-0933

The vulnerability CVE-2010-0933 affects Perforce Server 2008.1 and is a directory traversal flaw that allows remote authenticated users to create arbitrary files by supplying a .. (dot dot) sequence in the argument to the p4 add command. Core details consistently reported across sources (NVD, Red...

6.8CVSS6.5AI score0.0179EPSS
CVE
CVE
added 2008/03/14 8:0 p.m.47 views

CVE-2008-1338

CVE-2008-1338 concerns the Perforce Server (p4s.exe) in versions 2007.3/143793 and earlier. A remote attacker can trigger a denial of service (daemon crash) by issuing a server-DiffFile command with an integer value in a certain range, which causes a loop that exhausts memory. The available sourc...

7.8CVSS6.8AI score0.02091EPSS
CVE
CVE
added 2010/03/05 7:0 p.m.47 views

CVE-2010-0934

CVE-2010-0934 affects Perforce Server 2008.1, where the triggers functionality can be abused by remote authenticated users with super privileges to execute arbitrary operating-system commands via a p4 client invocation combined with the form-in trigger script. The Red Hat, NVD, and OpenVAS record...

7.1CVSS7.5AI score0.02001EPSS
CVE
CVE
added 2010/03/05 7:0 p.m.46 views

CVE-2010-0931

CVE-2010-0931 affects Perforce Server 2008.1 (p4s.exe) and causes a denial of service (daemon crash) when processing crafted data, possibly involving a large sndbuf value. No explicit fixes or mitigation are provided in the documents; exploitation details are not described.

5CVSS6.9AI score0.01139EPSS
CVE
CVE
added 2008/03/12 5:0 p.m.45 views

CVE-2008-1302

The CVE-2008-1302 entry affects Perforce Server 2007.3/143793 and earlier, specifically the Perforce service (p4s.exe). The vulnerability arises when handling the server-DiffFile or server-ReleaseFile commands with a large integer value, which is used in an array initialization calculation and le...

5CVSS6.8AI score0.01747EPSS
CVE
CVE
added 2010/03/05 7:0 p.m.44 views

CVE-2010-0935

Perforce Server 2009.2 and earlier allows remote authenticated users to obtain super privileges via a “p4 protect” command when the protection table is empty. Root cause: empty protection table enables privilege escalation. Impact: potential full administrative access. No remediation or patch det...

4.6CVSS6.3AI score0.01573EPSS
CVE
CVE
added 2010/03/05 7:0 p.m.43 views

CVE-2010-0930

The vulnerability CVE-2010-0930 affects Perforce Server 2008.1 (p4s.exe). A crafted data sequence containing 0xDC 0xFF 0xFF 0xFF immediately before the client protocol version number can cause a denial of service (infinite loop). Connected sources consistently describe this as a DoS caused by tha...

5CVSS6.8AI score0.01139EPSS
CVE
CVE
added 2008/03/12 5:0 p.m.40 views

CVE-2008-1303

The CVE-2008-1303 issue affects the Perforce Server (p4s.exe) up to 2007.3/143793. Affected component: Perforce service commands (dm-FaultFile, dm-LazyCheck, dm-ResolvedFile, dm-OpenFile, crypto, and possibly others). Root cause: missing parameter handling triggers a NULL pointer dereference, pro...

5CVSS6.8AI score0.0758EPSS
CVE
CVE
added 2010/03/05 7:0 p.m.39 views

CVE-2010-0932

The CVE-2010-0932 entry concerns Perforce Server 2008.1, where the FTP server component is vulnerable to a denial of service via a crafted MKD command that triggers a NULL pointer dereference and daemon crash. The cited Red Hat and NVD records confirm the same description and indicate the impact ...

5CVSS6.8AI score0.01666EPSS