5
CVE-2008-1303
- EPSS 8.11%
- Published 12.03.2008 17:44:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a missing parameter to the (1) dm-FaultFile, (2) dm-LazyCheck, (3) dm-ResolvedFile, (4) dm-OpenFile, (5) crypto, and possibly unspecified other commands, which triggers a NULL pointer dereference.
Data is provided by the National Vulnerability Database (NVD)
Perforce ≫ Perforce Server Version <= 2007.3_143793
Perforce ≫ Perforce Server Version2000.1
Perforce ≫ Perforce Server Version2000.2
Perforce ≫ Perforce Server Version2001.1
Perforce ≫ Perforce Server Version2001.2
Perforce ≫ Perforce Server Version2002.1
Perforce ≫ Perforce Server Version2002.2
Perforce ≫ Perforce Server Version2003.1
Perforce ≫ Perforce Server Version2003.2
Perforce ≫ Perforce Server Version2004.2
Perforce ≫ Perforce Server Version2005.1
Perforce ≫ Perforce Server Version2005.2
Perforce ≫ Perforce Server Version2006.1
Perforce ≫ Perforce Server Version2006.2
Perforce ≫ Perforce Server Version2007.2
Perforce ≫ Perforce Server Version2007.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.11% | 0.917 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.