CVE-2008-3864
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allows remote attackers to cause a denial of service (service crash) via a packet with a large value in an unspecified size field.
La función ApiThread en el servicio de cortafuegos (también conocido como TmPfw.exe) en los módulos Trend Micro Network Security Component (NSC), del modo que se usan en Trend Micro OfficeScan 8.0 SP1 Patch 1 e Internet Security 2007 y 2008 17.0.1224, permite a atacantes remotos provocar una denegación de sevicio (caída de aplicación) mediante un paquete con un valor grande en un campo de tamaño no especificado.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-08-29 CVE Reserved
- 2009-01-21 CVE Published
- 2024-05-20 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/secunia_research/2008-42 | X_refsource_misc | |
| http://securityreason.com/securityalert/4937 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/500195/100/0/threaded | Mailing List | |
| http://www.securitytracker.com/id?1021614 | Vdb Entry | |
| http://www.securitytracker.com/id?1021615 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2009/0191 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/48106 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/33609 | 2018-10-11 | |
| http://www.securityfocus.com/bid/33358 | 2018-10-11 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/31160 | 2018-10-11 | |
| http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt | 2018-10-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Trend Micro Search vendor "Trend Micro" | Internet Security 2007 Search vendor "Trend Micro" for product "Internet Security 2007" | * | - |
Affected
| ||||||
| Trend Micro Search vendor "Trend Micro" | Internet Security 2008 Search vendor "Trend Micro" for product "Internet Security 2008" | 17.0.1224 Search vendor "Trend Micro" for product "Internet Security 2008" and version "17.0.1224" | - |
Affected
| ||||||
| Trend Micro Search vendor "Trend Micro" | Officescan Search vendor "Trend Micro" for product "Officescan" | 8.0 Search vendor "Trend Micro" for product "Officescan" and version "8.0" | sp1 |
Affected
| ||||||