Perforce : Security Vulnerabilities, CVEs, Published In 2010
Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command.
Max CVSS
4.6
EPSS Score
0.24%
Published
2010-03-05
Updated
2010-03-08
The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary operating-system commands by using a "p4 client" command in conjunction with the form-in trigger script.
Max CVSS
7.1
EPSS Score
1.06%
Published
2010-03-05
Updated
2010-03-08
Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. (dot dot) in the argument to the "p4 add" command.
Max CVSS
6.8
EPSS Score
0.14%
Published
2010-03-05
Updated
2012-06-15
The FTP server in Perforce Server 2008.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a certain MKD command.
Max CVSS
5.0
EPSS Score
0.18%
Published
2010-03-05
Updated
2010-03-08
The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (daemon crash) via crafted data, possibly involving a large sndbuf value.
Max CVSS
5.0
EPSS Score
0.21%
Published
2010-03-05
Updated
2010-03-08
The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (infinite loop) via crafted data that includes a byte sequence of 0xdc, 0xff, 0xff, and 0xff immediately before the client protocol version number.
Max CVSS
5.0
EPSS Score
0.20%
Published
2010-03-05
Updated
2010-03-08
The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (daemon crash) via crafted data beginning with a byte sequence of 0x4c, 0xb3, 0xff, 0xff, and 0xff.
Max CVSS
5.0
EPSS Score
0.21%
Published
2010-03-05
Updated
2010-03-08
7 vulnerabilities found