CVE-2008-5409

high

Description

Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.

References

https://www.exploit-db.com/exploits/7178

https://exchange.xforce.ibmcloud.com/vulnerabilities/46750

http://secunia.com/advisories/32814

http://secunia.com/advisories/32789

http://secunia.com/advisories/27805

http://osvdb.org/50205

http://osvdb.org/50103

http://osvdb.org/50010

http://milw0rm.com/sploits/2008-BitDefenderDOS.zip

Details

Source: Mitre, NVD

Published: 2008-12-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.11112