CVE-2008-1437

CWE-3993 documents3 sources
Severity
5.0MEDIUM
EPSS
50.3%
top 2.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Diagnostics AND Recovery ToolkitMicrosoft Malware Protection Engine
Timeline
PublishedMay 13
Latest updateMay 1

Description

Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (engine hang and restart) via a crafted file, a different vulnerability than CVE-2008-1438.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDmicrosoft/malware_protection_engine0.1.13.192, 1.1.3520.0+1

🔴Vulnerability Details

2
GHSA
GHSA-ggmf-jrq4-84qj: Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine2022-05-01
CVEList
CVE-2008-1437: Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine2008-05-13
CVE-2008-1437 (MEDIUM CVSS 5) | Unspecified vulnerability in Micros | cvebase.io