// For flags

CVE-2008-1366

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to cause a denial of service (process consumption) via (1) an HTTP request without a Content-Length header or (2) invalid characters in unspecified CGI arguments, which triggers a NULL pointer dereference.

Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 y anteriores y 7.3 Patch 3 build 1314 y anteriores, permiten a atacantes remotos provocar una denegación de servicio (consumo de procesos) mediante (1) una petición HTTP sin una cabecera Content-Length o (2) caracteres inválidos en argumentos CGI no especificados, que disparan una referencia a un puntero nulo.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-03-17 CVE Reserved
  • 2008-03-17 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-11-04 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Trend Micro
Search vendor "Trend Micro"
Officescan Corporate Edition
Search vendor "Trend Micro" for product "Officescan Corporate Edition"
<= 7.3_patch3_build1314
Search vendor "Trend Micro" for product "Officescan Corporate Edition" and version " <= 7.3_patch3_build1314"
-
Affected
Trend Micro
Search vendor "Trend Micro"
Officescan Corporate Edition
Search vendor "Trend Micro" for product "Officescan Corporate Edition"
<= 8.0_patch2_build1189
Search vendor "Trend Micro" for product "Officescan Corporate Edition" and version " <= 8.0_patch2_build1189"
-
Affected