CVE-2008-4403 — Micro Officescan vulnerability

CWE-3993 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

3.9%

top 11.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trend Micro Officescan

Timeline

PublishedOct 3

Latest updateMay 2

Description

The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via crafted HTTP headers, related to the "error handling mechanism."

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDtrend_micro/officescan8.0

🔴Vulnerability Details

GHSA

GHSA-qfv9-4gwp-p4m6: The CGI modules in the server in Trend Micro OfficeScan 8↗2022-05-02

▶

CVEList

CVE-2008-4403: The CGI modules in the server in Trend Micro OfficeScan 8↗2008-10-03

▶