Detections
Analytics
MS08-029: Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)
medium Nessus Plugin ID 32313
Synopsis
It is possible to crash the antimalware program.Description
The remote host is running a version of Windows Malware Protection engine that is vulnerable to a bug in the file handling routine which could allow an attacker to crash the protection engine.Solution
Microsoft has released a set of patches for Windows Defender and Live OneCare.See Also
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2008/ms08-029
Plugin Details
Severity: Medium
ID: 32313
File Name: smb_nt_ms08-029.nasl
Version: 1.24
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 5/13/2008
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: cpe:/a:microsoft:forefront_security, cpe:/a:microsoft:forefront_client_security, cpe:/a:microsoft:antigen, cpe:/a:microsoft:windows_live_onecare, cpe:/a:microsoft:windows_defender
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Ease: No known exploits are available
Patch Publication Date: 5/13/2008
Vulnerability Publication Date: 5/13/2008
Reference Information
CVE: CVE-2008-1437, CVE-2008-1438