Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2003


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2003
Last Modified 29 Jan 2009 01:48:57
Published 28 Apr 2008 04:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



BadBlue 2.72 Personal Edition stores multiple programs in the web document root with insufficient access control, which allows remote attackers to (1) cause a denial of service via multiple invocations of uninst.exe, and have an unknown impact via (2) badblue.exe and (3) dyndns.exe. NOTE: this can be leveraged for arbitrary remote code execution in conjunction with CVE-2007-6378.

Vulnerable Systems


  • Badblue 2.72


XF - badblue-multiple-weak-security(42090)

BUGTRAQ - 20080424 DDIVRT-2008-11 BadBlue uninst.exe DoS

SREASON - 3832

Last Updated: 27 May 2016 10:47:44