CVE Vulnerability

CVE-2008-5409

Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.

9.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.securityfocus.com/bid/32396 Exploit
http://secunia.com/advisories/32789 Vendor Advisory
http://secunia.com/advisories/32814 Vendor Advisory
http://osvdb.org/50205
http://milw0rm.com/sploits/2008-BitDefenderDOS.zip
http://osvdb.org/50103
http://secunia.com/advisories/27805 Vendor Advisory
http://osvdb.org/50010
https://exchange.xforce.ibmcloud.com/vulnerabilities/46750
https://www.exploit-db.com/exploits/7178
Configurations

Configuration 1

cpe:2.3:a:bullguard:internet_security:8.5:*:*:*:*:*:*:*
cpe:2.3:a:bitdefender:bitdefender:10:_nil_:free_edition:*:*:*:*:*
cpe:2.3:a:software602:groupware_server:6.0.08.1118:*:*:*:*:*:*:*
cpe:2.3:a:bitdefender:antivirus:10:_nil_:standard:*:*:*:*:*
Information

Published : 2008-12-10 06:44

Updated : 2017-10-19 01:30

NVD link : CVE-2008-5409

Mitre link : CVE-2008-5409

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer