Unspecified Denial of Service Vulnerability in Microsoft Malware Protection Engine
CVE-2008-1437

Currently unrated

Key Information:

Vendor: Microsoft
Status: Forefront Client Security; Windows Defender; Forefront Security For Exchange Server; Antigen For Exchange
Vendor: CVE Published:; 13 May 2008

Summary

An unspecified vulnerability in the Microsoft Malware Protection Engine (mpengine.dll) allows attackers to exploit certain crafted files, resulting in a potential denial of service. The affected versions, 1.1.3520.0 and 0.1.13.192, may hang and restart unexpectedly, impacting the availability of security services across multiple Microsoft products.

References

http://secunia.com/advisories/30172

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1020016

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/29060

vdb-entryx_refsource_BID

EPSS Score

50% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 13, 2008
Vulnerability Reserved
Mar 21, 2008