CVE-2008-1302

The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) server-DiffFile or (2) server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invalid memory access.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:44

Type Values Removed Values Added
References () http://aluigi.altervista.org/adv/perforces-adv.txt - () http://aluigi.altervista.org/adv/perforces-adv.txt -
References () http://aluigi.org/poc/perforces.zip - () http://aluigi.org/poc/perforces.zip -
References () http://secunia.com/advisories/29231 - Vendor Advisory () http://secunia.com/advisories/29231 - Vendor Advisory
References () http://securityreason.com/securityalert/3735 - () http://securityreason.com/securityalert/3735 -
References () http://www.securityfocus.com/archive/1/489179/100/0/threaded - () http://www.securityfocus.com/archive/1/489179/100/0/threaded -
References () http://www.securityfocus.com/bid/28108 - () http://www.securityfocus.com/bid/28108 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/41016 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/41016 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/41363 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/41363 -

Information

Published : 2008-03-12 17:44

Updated : 2024-11-21 00:44


NVD link : CVE-2008-1302

Mitre link : CVE-2008-1302

CVE.ORG link : CVE-2008-1302


JSON object : View

Products Affected

microsoft

  • windows

perforce

  • perforce_server
CWE
CWE-189

Numeric Errors