CVE-2008-0324

medium

Cisco

CVSS v3 Base Score

4.9

AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS Score

0.6%

Exploitation probability in 30 days

Top 31% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

None

Integrity

None

Availability

Published: January 17, 2008 (6692 days ago)

Last Modified: April 23, 2026

Vendor: Cisco

Source: NVD

Description

Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.

CWE

CWE-399

Affected Products

cisco vpn client

References

🔗 secunia.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 www.vupen.com 🔗 exchange.xforce.ibmcloud.com

CVE-2008-0324

Vulnerability Report

Description

CWE

Affected Products

References