Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044) |
Informations | |||
---|---|---|---|
Name | MS08-029 | First vendor Publication | 2008-05-13 |
Vendor | Microsoft | Last vendor Modification | 2008-05-13 |
Severity (Vendor) | Moderate | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
This security update resolves two privately reported vulnerabilities in the Microsoft Malware Protection Engine. An attacker could exploit either of the vulnerabilities by constructing a specially crafted file that could allow denial of service when received by the target computer system and scanned by the Microsoft Malware Protection Engine. An attacker who successfully exploited this vulnerability could cause the Microsoft Malware Protection Engine to stop responding and automatically restart. |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13981 | |||
Oval ID: | oval:org.mitre.oval:def:13981 | ||
Title: | Microsoft Malware Protection Engine Vulnerability-I | ||
Description: | Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (engine hang and restart) via a crafted file, a different vulnerability than CVE-2008-1438. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1437 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Antigen for Exchange Microsoft Antigen for SMTP Gateway Microsoft Forefront Security for Exchange Server Microsoft Forefront Security for SharePoint Microsoft Windows Defender Windows Live OneCare |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14375 | |||
Oval ID: | oval:org.mitre.oval:def:14375 | ||
Title: | Microsoft Malware Protection Engine Vulnerability-II | ||
Description: | Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with "crafted data structures" that trigger the creation of large temporary files, a different vulnerability than CVE-2008-1437. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1438 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Antigen for Exchange Microsoft Antigen for SMTP Gateway Microsoft Forefront Security for Exchange Server Microsoft Forefront Security for SharePoint Microsoft Windows Defender Windows Live OneCare |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 2 | |
Application | 1 | |
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45028 | Microsoft Malware Protection Engine File Parsing Disk-space Exhaustion DoS |
45027 | Microsoft Malware Protection Engine File Parsing Service DoS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Malware Protection Engine file processing denial of service attempt RuleID : 17306 - Revision : 10 - Type : OS-WINDOWS |
2014-01-10 | Microsoft malware protection engine denial of service attempt RuleID : 13802 - Revision : 7 - Type : OS-WINDOWS |
2014-01-10 | Microsoft malware protection engine denial of service attempt RuleID : 13798 - Revision : 8 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-05-13 | Name : It is possible to crash the antimalware program. File : smb_nt_ms08-029.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:45:58 |
|
2014-01-19 21:30:12 |
|
2013-05-11 00:49:19 |
|