CVE-2008-5409

Exploit

EPSS 21.88%
Published 10.12.2008 06:44:42
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter.  NOTE: some of these details are obtained from third party information.

Affected products Warnungen 0 Metrics 2 CWE 1 References 13

Data is provided by the National Vulnerability Database (NVD)

Bitdefender ≫ Antivirus Version10 Update_nil_ Editionstandard

Bitdefender ≫ Bitdefender Version10 Update_nil_ Editionfree_edition

Bullguard ≫ Internet Security Version8.5

Software602 ≫ Groupware Server Version6.0.08.1118

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	21.88%	0.955

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://milw0rm.com/sploits/2008-BitDefenderDOS.zip

http://osvdb.org/50010

http://osvdb.org/50103

http://osvdb.org/50205

http://secunia.com/advisories/27805

Vendor Advisory

http://secunia.com/advisories/32789

Vendor Advisory

http://secunia.com/advisories/32814

Vendor Advisory

http://www.securityfocus.com/bid/32396

Exploit