CVE-2008-4250 (GCVE-0-2008-4250)
Vulnerability from cvelistv5 – Published: 2008-10-23 21:00 – Updated: 2026-05-21 03:55
VLAI
CISA KEV
Summary
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."
Severity
9.8 (Critical)
CWE
- n/a
Assigner
References
19 references
Date Public
2008-10-23 00:00
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 8ee904d7-8c61-45ee-99f4-92c3851939d5
Exploited: Yes
Timestamps
First Seen: 2026-05-20
Asserted: 2026-05-20
Scope
Notes: KEV entry: Microsoft Windows Buffer Overflow Vulnerability | Affected: Microsoft / Windows | Description: Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-06-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067 ; https://nvd.nist.gov/vuln/detail/CVE-2008-4250
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-94 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Windows |
| Due Date | 2026-06-03 |
| Date Added | 2026-05-20 |
| Vendorproject | Microsoft |
| Vulnerabilityname | Microsoft Windows Buffer Overflow Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-05-20 18:00 UTC
| Updated: 2026-05-20 18:00 UTC
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:34.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT080164",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
},
{
"name": "32326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32326"
},
{
"name": "VU#827267",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/827267"
},
{
"name": "1021091",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021091"
},
{
"name": "7132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7132"
},
{
"name": "6841",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6841"
},
{
"name": "31874",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31874"
},
{
"name": "HPSBST02386",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
},
{
"name": "MS08-067",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.securiteam.com/index.php/archives/1150"
},
{
"name": "6824",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6824"
},
{
"name": "ADV-2008-2902",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2902"
},
{
"name": "win-server-rpc-code-execution(46040)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46040"
},
{
"name": "20081026 Windows RPC MS08-067 FAQ document released",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497808/100/0/threaded"
},
{
"name": "TA08-297A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-297A.html"
},
{
"name": "7104",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7104"
},
{
"name": "TA09-088A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-088A.html"
},
{
"name": "oval:org.mitre.oval:def:6093",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093"
},
{
"name": "20081027 Windows RPC MS08-067 FAQ document updated",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497816/100/0/threaded"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2008-4250",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-20T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-05-20",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-4250"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T03:55:20.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-4250"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-20T00:00:00.000Z",
"value": "CVE-2008-4250 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka \"Server Service Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SSRT080164",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
},
{
"name": "32326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32326"
},
{
"name": "VU#827267",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/827267"
},
{
"name": "1021091",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021091"
},
{
"name": "7132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7132"
},
{
"name": "6841",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6841"
},
{
"name": "31874",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31874"
},
{
"name": "HPSBST02386",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
},
{
"name": "MS08-067",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.securiteam.com/index.php/archives/1150"
},
{
"name": "6824",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6824"
},
{
"name": "ADV-2008-2902",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2902"
},
{
"name": "win-server-rpc-code-execution(46040)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46040"
},
{
"name": "20081026 Windows RPC MS08-067 FAQ document released",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497808/100/0/threaded"
},
{
"name": "TA08-297A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-297A.html"
},
{
"name": "7104",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7104"
},
{
"name": "TA09-088A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-088A.html"
},
{
"name": "oval:org.mitre.oval:def:6093",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093"
},
{
"name": "20081027 Windows RPC MS08-067 FAQ document updated",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497816/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2008-4250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka \"Server Service Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT080164",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
},
{
"name": "32326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32326"
},
{
"name": "VU#827267",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/827267"
},
{
"name": "1021091",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021091"
},
{
"name": "7132",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7132"
},
{
"name": "6841",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6841"
},
{
"name": "31874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31874"
},
{
"name": "HPSBST02386",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
},
{
"name": "MS08-067",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067"
},
{
"name": "http://blogs.securiteam.com/index.php/archives/1150",
"refsource": "MISC",
"url": "http://blogs.securiteam.com/index.php/archives/1150"
},
{
"name": "6824",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6824"
},
{
"name": "ADV-2008-2902",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2902"
},
{
"name": "win-server-rpc-code-execution(46040)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46040"
},
{
"name": "20081026 Windows RPC MS08-067 FAQ document released",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497808/100/0/threaded"
},
{
"name": "TA08-297A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-297A.html"
},
{
"name": "7104",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7104"
},
{
"name": "TA09-088A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-088A.html"
},
{
"name": "oval:org.mitre.oval:def:6093",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093"
},
{
"name": "20081027 Windows RPC MS08-067 FAQ document updated",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497816/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2008-4250",
"datePublished": "2008-10-23T21:00:00.000Z",
"dateReserved": "2008-09-25T00:00:00.000Z",
"dateUpdated": "2026-05-21T03:55:20.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2008-4250",
"cwes": "[\"CWE-94\"]",
"dateAdded": "2026-05-20",
"dueDate": "2026-06-03",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067 ; https://nvd.nist.gov/vuln/detail/CVE-2008-4250",
"product": "Windows",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.",
"vendorProject": "Microsoft",
"vulnerabilityName": "Microsoft Windows Buffer Overflow Vulnerability"
},
"epss": {
"cve": "CVE-2008-4250",
"date": "2026-05-27",
"epss": "0.92078",
"percentile": "0.99719"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*\", \"matchCriteriaId\": \"E3C43D05-40F8-4769-BA6B-A376420EA972\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"43D64F8D-975A-4A5B-BEDF-D27D65C96A29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:-:*:itanium:*\", \"matchCriteriaId\": \"8856A97B-4C43-45E5-B1DB-89EB9C350265\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D929AA2-EE0B-4AA1-805D-69BCCA11B77F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:itanium:*\", \"matchCriteriaId\": \"9F98AE07-3995-4501-9804-FEA5A87ADFAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:x64:*\", \"matchCriteriaId\": \"A7371547-290D-4D0D-B98D-CA28B4D2E8B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:itanium:*\", \"matchCriteriaId\": \"87842DF1-F3AC-4585-A117-904B936D5C9F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:x64:*\", \"matchCriteriaId\": \"3A118DC8-CD3A-461F-867E-5174F24FBAE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:x86:*\", \"matchCriteriaId\": \"1114016B-B51D-495D-96AC-A0E7992DA551\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CAEEA81-5037-4B68-98D9-83AAEBC98E20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*\", \"matchCriteriaId\": \"51160A46-6768-44D5-89CD-6DB9D2268A2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A04E39A-623E-45CA-A5FC-25DAA0F275A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:-:*:x64:*\", \"matchCriteriaId\": \"889F98DA-4266-470B-AE3D-480BDF6BADB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*\", \"matchCriteriaId\": \"4902A7BD-0645-4CAC-8EA8-24BD2D8B893A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*\", \"matchCriteriaId\": \"C6109348-BC79-4ED3-8D41-EA546A540C79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka \\\"Server Service Vulnerability.\\\"\"}, {\"lang\": \"es\", \"value\": \"El servicio servidor en Microsoft Windows versiones 2000 SP4, XP SP2 y SP3, Server 2003 SP1 y SP2, vista Gold y SP1, Server 2008 y 7 Pre-Beta, permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario por medio de una petici\\u00f3n RPC creada que desencadena el desbordamiento durante una Canonicalizaci\\u00f3n de Path, como explotaci\\u00f3n en la naturaleza por Gimmiv.A en octubre de 2008, tambi\\u00e9n se conoce como \\\"Server Service Vulnerability\\\"\"}]",
"id": "CVE-2008-4250",
"lastModified": "2024-11-21T00:51:15.897",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2008-10-23T22:00:01.357",
"references": "[{\"url\": \"http://blogs.securiteam.com/index.php/archives/1150\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Issue Tracking\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Issue Tracking\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32326\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/827267\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/497808/100/0/threaded\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/497816/100/0/threaded\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/31874\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1021091\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-297A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-088A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2902\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/46040\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/6824\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/6841\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/7104\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/7132\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://blogs.securiteam.com/index.php/archives/1150\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32326\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/827267\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/497808/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/497816/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/31874\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1021091\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-297A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-088A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2902\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/46040\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/6824\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/6841\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/7104\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/7132\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}]",
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2008-4250\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2008-10-23T22:00:01.357\",\"lastModified\":\"2026-05-21T12:57:17.353\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka \\\"Server Service Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"El servicio servidor en Microsoft Windows versiones 2000 SP4, XP SP2 y SP3, Server 2003 SP1 y SP2, vista Gold y SP1, Server 2008 y 7 Pre-Beta, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una petici\u00f3n RPC creada que desencadena el desbordamiento durante una Canonicalizaci\u00f3n de Path, como explotaci\u00f3n en la naturaleza por Gimmiv.A en octubre de 2008, tambi\u00e9n se conoce como \\\"Server Service Vulnerability\\\"\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2026-05-20\",\"cisaActionDue\":\"2026-06-03\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Microsoft Windows Buffer Overflow Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"E3C43D05-40F8-4769-BA6B-A376420EA972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"43D64F8D-975A-4A5B-BEDF-D27D65C96A29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:-:*:itanium:*\",\"matchCriteriaId\":\"8856A97B-4C43-45E5-B1DB-89EB9C350265\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D929AA2-EE0B-4AA1-805D-69BCCA11B77F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:itanium:*\",\"matchCriteriaId\":\"9F98AE07-3995-4501-9804-FEA5A87ADFAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:x64:*\",\"matchCriteriaId\":\"A7371547-290D-4D0D-B98D-CA28B4D2E8B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:itanium:*\",\"matchCriteriaId\":\"87842DF1-F3AC-4585-A117-904B936D5C9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:x64:*\",\"matchCriteriaId\":\"3A118DC8-CD3A-461F-867E-5174F24FBAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:x86:*\",\"matchCriteriaId\":\"1114016B-B51D-495D-96AC-A0E7992DA551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CAEEA81-5037-4B68-98D9-83AAEBC98E20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"51160A46-6768-44D5-89CD-6DB9D2268A2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A04E39A-623E-45CA-A5FC-25DAA0F275A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:-:*:x64:*\",\"matchCriteriaId\":\"889F98DA-4266-470B-AE3D-480BDF6BADB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*\",\"matchCriteriaId\":\"4902A7BD-0645-4CAC-8EA8-24BD2D8B893A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*\",\"matchCriteriaId\":\"C6109348-BC79-4ED3-8D41-EA546A540C79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9\"}]}]}],\"references\":[{\"url\":\"http://blogs.securiteam.com/index.php/archives/1150\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/32326\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/827267\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/497808/100/0/threaded\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/497816/100/0/threaded\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/31874\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id?1021091\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-297A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\",\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-088A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2902\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/46040\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"https://www.exploit-db.com/exploits/6824\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/6841\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/7104\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/7132\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://blogs.securiteam.com/index.php/archives/1150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/32326\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/827267\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/497808/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/497816/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/31874\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id?1021091\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-297A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\",\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-088A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2902\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/46040\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"https://www.exploit-db.com/exploits/6824\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/6841\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/7104\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/7132\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-4250\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"name\": \"SSRT080164\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/32326\", \"name\": \"32326\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/827267\", \"name\": \"VU#827267\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1021091\", \"name\": \"1021091\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/7132\", \"name\": \"7132\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/6841\", \"name\": \"6841\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/31874\", \"name\": \"31874\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"name\": \"HPSBST02386\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067\", \"name\": \"MS08-067\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\", \"x_transferred\"]}, {\"url\": \"http://blogs.securiteam.com/index.php/archives/1150\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/6824\", \"name\": \"6824\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2902\", \"name\": \"ADV-2008-2902\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/46040\", \"name\": \"win-server-rpc-code-execution(46040)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/497808/100/0/threaded\", \"name\": \"20081026 Windows RPC MS08-067 FAQ document released\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-297A.html\", \"name\": \"TA08-297A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/7104\", \"name\": \"7104\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-088A.html\", \"name\": \"TA09-088A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093\", \"name\": \"oval:org.mitre.oval:def:6093\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/497816/100/0/threaded\", \"name\": \"20081027 Windows RPC MS08-067 FAQ document updated\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T10:08:34.970Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2008-4250\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-20T17:22:12.049675Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-05-20\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-4250\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-4250\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-20T17:22:05.916Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-20T00:00:00.000Z\", \"value\": \"CVE-2008-4250 added to CISA KEV\"}]}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2008-10-23T00:00:00.000Z\", \"references\": [{\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"name\": \"SSRT080164\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/32326\", \"name\": \"32326\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/827267\", \"name\": \"VU#827267\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"http://www.securitytracker.com/id?1021091\", \"name\": \"1021091\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://www.exploit-db.com/exploits/7132\", \"name\": \"7132\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"https://www.exploit-db.com/exploits/6841\", \"name\": \"6841\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://www.securityfocus.com/bid/31874\", \"name\": \"31874\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"name\": \"HPSBST02386\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067\", \"name\": \"MS08-067\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\"]}, {\"url\": \"http://blogs.securiteam.com/index.php/archives/1150\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.exploit-db.com/exploits/6824\", \"name\": \"6824\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2902\", \"name\": \"ADV-2008-2902\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/46040\", \"name\": \"win-server-rpc-code-execution(46040)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/497808/100/0/threaded\", \"name\": \"20081026 Windows RPC MS08-067 FAQ document released\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-297A.html\", \"name\": \"TA08-297A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"https://www.exploit-db.com/exploits/7104\", \"name\": \"7104\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-088A.html\", \"name\": \"TA09-088A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093\", \"name\": \"oval:org.mitre.oval:def:6093\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/497816/100/0/threaded\", \"name\": \"20081027 Windows RPC MS08-067 FAQ document updated\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka \\\"Server Service Vulnerability.\\\"\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2018-10-12T19:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"name\": \"SSRT080164\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/32326\", \"name\": \"32326\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/827267\", \"name\": \"VU#827267\", \"refsource\": \"CERT-VN\"}, {\"url\": \"http://www.securitytracker.com/id?1021091\", \"name\": \"1021091\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://www.exploit-db.com/exploits/7132\", \"name\": \"7132\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"https://www.exploit-db.com/exploits/6841\", \"name\": \"6841\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://www.securityfocus.com/bid/31874\", \"name\": \"31874\", \"refsource\": \"BID\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"name\": \"HPSBST02386\", \"refsource\": \"HP\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067\", \"name\": \"MS08-067\", \"refsource\": \"MS\"}, {\"url\": \"http://blogs.securiteam.com/index.php/archives/1150\", \"name\": \"http://blogs.securiteam.com/index.php/archives/1150\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.exploit-db.com/exploits/6824\", \"name\": \"6824\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2902\", \"name\": \"ADV-2008-2902\", \"refsource\": \"VUPEN\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/46040\", \"name\": \"win-server-rpc-code-execution(46040)\", \"refsource\": \"XF\"}, {\"url\": \"http://www.securityfocus.com/archive/1/497808/100/0/threaded\", \"name\": \"20081026 Windows RPC MS08-067 FAQ document released\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-297A.html\", \"name\": \"TA08-297A\", \"refsource\": \"CERT\"}, {\"url\": \"https://www.exploit-db.com/exploits/7104\", \"name\": \"7104\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-088A.html\", \"name\": \"TA09-088A\", \"refsource\": \"CERT\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093\", \"name\": \"oval:org.mitre.oval:def:6093\", \"refsource\": \"OVAL\"}, {\"url\": \"http://www.securityfocus.com/archive/1/497816/100/0/threaded\", \"name\": \"20081027 Windows RPC MS08-067 FAQ document updated\", \"refsource\": \"BUGTRAQ\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka \\\"Server Service Vulnerability.\\\"\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2008-4250\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@microsoft.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2008-4250\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-21T03:55:20.953Z\", \"dateReserved\": \"2008-09-25T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2008-10-23T21:00:00.000Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…