CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1438

Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with "crafted data structures" that trigger the creation of large temporary files, a different vulnerability than CVE-2008-1437.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.437

EPSS Ranking 97.3%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2008-1438

Microsoft » Antigen For Exchange » Version: Any

cpe:2.3:a:microsoft:antigen_for_exchange:*
Microsoft » Antigen For Smtp Gateway » Version: Any

cpe:2.3:a:microsoft:antigen_for_smtp_gateway:*
Microsoft » Diagnostics And Recovery Toolkit » Version: 6.0

cpe:2.3:a:microsoft:diagnostics_and_recovery_toolkit:6.0
Microsoft » Forefront Client Security » Version: 1.0

cpe:2.3:a:microsoft:forefront_client_security:1.0
Microsoft » Forefront Security For Exchange Server » Version: Any

cpe:2.3:a:microsoft:forefront_security_for_exchange_server:*
Microsoft » Forefront Security For Sharepoint » Version: Any

cpe:2.3:a:microsoft:forefront_security_for_sharepoint:*
Microsoft » Malware Protection Engine » Version: 0.1.13.192

cpe:2.3:a:microsoft:malware_protection_engine:0.1.13.192
Microsoft » Malware Protection Engine » Version: 1.1.3520.0

cpe:2.3:a:microsoft:malware_protection_engine:1.1.3520.0
Microsoft » Windows Defender » Version: N/A

cpe:2.3:a:microsoft:windows_defender:-
Microsoft » Windows Defender » Version: 1.1.23060.3001

cpe:2.3:a:microsoft:windows_defender:1.1.23060.3001
Microsoft » Windows Defender » Version: 4.18.23100.2009

cpe:2.3:a:microsoft:windows_defender:4.18.23100.2009
Microsoft » Windows Live Onecare » Version: N/A

cpe:2.3:a:microsoft:windows_live_onecare:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1438

Products

Pricing

Contact Us