CVE-2008-1438

Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with "crafted data structures" that trigger the creation of large temporary files, a different vulnerability than CVE-2008-1437.

Published: May 14, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-1438
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
microsoft / forefront_client_security	-	-
microsoft / windows_defender	-	-
microsoft / forefront_security_for_exchange_server	-	-
microsoft / antigen_for_exchange	-	-
microsoft / antigen_for_smtp_gateway	-	-
microsoft / malware_protection_engine	0.1.13.192	0.1.13.192.x
microsoft / windows_live_onecare	-	-
microsoft / diagnostics_and_recovery_toolkit	6.0	6.0.x
microsoft / malware_protection_engine	1.1.3520.0	1.1.3520.0.x
microsoft / forefront_security_for_sharepoint	-	-

Vulnerability Database

289,599

CVE-2008-1438