CVE-2010-0931 : The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (daemon cr

The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (daemon crash) via crafted data, possibly involving a large sndbuf value.

Published 2010-03-05 19:30:01

Updated 2010-03-08 05:00:00

Source MITRE

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2010-0931

Probability of exploitation activity in the next 30 days: 0.21%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 58 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-0931

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2010-0931

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-0931

http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.html

Exploit

CVEs referencing this url
http://www.securityfocus.com/bid/36261

Perforce Multiple Remote Security Vulnerabilities

CVEs referencing this url

Products affected by CVE-2010-0931

Perforce » Perforce Server » Version: 2008.1
cpe:2.3:a:perforce:perforce_server:2008.1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2010-0931

Exploit prediction scoring system (EPSS) score for CVE-2010-0931

CVSS scores for CVE-2010-0931

CWE ids for CVE-2010-0931

References for CVE-2010-0931

Products affected by CVE-2010-0931