Vulnerability Description
Acronis True Image Group Server 1.5.19.191 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a packet with an invalid length field, which causes an out-of-bounds read.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Acronis | True Image | <= 1.5.19.191 |
Related Weaknesses (CWE)
References
- http://aluigi.altervista.org/adv/acrogroup-adv.txt
- http://secunia.com/advisories/29306Vendor Advisory
- http://www.securityfocus.com/archive/1/489353/100/0/threaded
- http://www.securityfocus.com/bid/28169
- http://www.vupen.com/english/advisories/2008/0813/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41071
- http://aluigi.altervista.org/adv/acrogroup-adv.txt
- http://secunia.com/advisories/29306Vendor Advisory
- http://www.securityfocus.com/archive/1/489353/100/0/threaded
- http://www.securityfocus.com/bid/28169
- http://www.vupen.com/english/advisories/2008/0813/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41071
FAQ
What is CVE-2008-1279?
CVE-2008-1279 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Acronis True Image Group Server 1.5.19.191 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of serv...
How severe is CVE-2008-1279?
CVE-2008-1279 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1279?
Check the references section above for vendor advisories and patch information. Affected products include: Acronis True Image.