Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1438


Vulnerability Score 5.0 5.0
CVE Id CVE-2008-1438
Last Modified 26 Jan 2012 10:25:09
Published 13 May 2008 06:20:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with "crafted data structures" that trigger the creation of large temporary files, a different vulnerability than CVE-2008-1437.

Vulnerable Systems


  • Microsoft Antigen For Exchange

  • Microsoft Antigen For Smtp Gateway

  • Microsoft Diagnostics And Recovery Toolkit 6.0

  • Microsoft Forefront Client Security

  • Microsoft Forefront Security For Exchange Server

  • Microsoft Forefront Security For Sharepoint

  • Microsoft Malware Protection Engine

  • Microsoft Malware Protection Engine 1.1.3520.0

  • Microsoft Windows Defender

  • Microsoft Windows Live Onecare


CERT - TA08-134A

VUPEN - ADV-2008-1506

SECTRACK - 1020016

BID - 29073

MS - MS08-029

SECUNIA - 30172

HP - SSRT080071

HP - HPSBST02336

Last Updated: 27 May 2016 10:47:08