Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1440


Vulnerability Score 7.1 7.1
CVE Id CVE-2008-1440
Last Modified 07 Mar 2011 10:07:05
Published 11 Jun 2008 10:32:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast (PGM) packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted PGM packet, aka the "PGM Invalid Length Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows Server 2003

  • Microsoft Windows Xp

  • Microsoft Windows-nt Xp


CERT - TA08-162B

BID - 29508

MS - MS08-036

SECUNIA - 30587

VUPEN - ADV-2008-1783

SECTRACK - 1020230

Last Updated: 27 May 2016 10:47:08