CVE-2008-5409

Sažetak

Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.

Reference

http://milw0rm.com/sploits/2008-BitDefenderDOS.zip
http://osvdb.org/50010
http://osvdb.org/50103
http://osvdb.org/50205
http://secunia.com/advisories/27805
http://secunia.com/advisories/32789
http://secunia.com/advisories/32814
http://www.securityfocus.com/bid/32396
https://exchange.xforce.ibmcloud.com/vulnerabilities/46750
https://www.exploit-db.com/exploits/7178

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

19-10-2017 - 01:30

Objavljeno

10-12-2008 - 06:44