Vulnerability Details : CVE-2008-0088
Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request.
Vulnerability category: Input validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2008-0088
Probability of exploitation activity in the next 30 days: 96.63%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-0088
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:C |
8.0
|
6.9
|
NIST |
CWE ids for CVE-2008-0088
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-0088
-
http://www.us-cert.gov/cas/techalerts/TA08-043C.html
Page Not Found | CISAUS Government Resource
-
http://www.vupen.com/english/advisories/2008/0505/references
-
http://www.securitytracker.com/id?1019382
-
http://marc.info/?l=bugtraq&m=120361015026386&w=2
'[security bulletin] HPSBST02314 SSRT080016 rev.1 - Storage Management Appliance (SMA), Microsoft Pat' - MARC
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5181
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-003
-
http://www.securityfocus.com/bid/27638
Products affected by CVE-2008-0088
- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*