CVE-2008-1438
medium
Microsoft CVSS v3 Base Score
5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS Score
43.7%
Exploitation probability in 30 days
Top 2% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P
Vulnerability Report
Generated by CyberWatcher
Description
Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with "crafted data structures" that trigger the creation of large temporary files, a different vulnerability than CVE-2008-1437.
CWE
CWE-399Affected Products
microsoft antigen for exchangemicrosoft antigen for smtp gatewaymicrosoft diagnostics and recovery toolkitmicrosoft forefront client securitymicrosoft forefront security for exchange servermicrosoft forefront security for sharepointmicrosoft malware protection enginemicrosoft windows defendermicrosoft windows live onecare