Lucene search

K

MicrosoftCVELIST:CVE-2008-0085

HistoryJul 08, 2008 - 11:00 p.m.

CVE-2008-0085

2008-07-0823:00:00

microsoft

www.cve.org

8

AI Score

6.8

Confidence

High

EPSS

0.028

Percentile

90.9%

SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse.

References

secunia.com/advisories/30970

www.securityfocus.com/archive/1/516397/100/0/threaded

www.securitytracker.com/id?1020441

www.us-cert.gov/cas/techalerts/TA08-190A.html

www.vmware.com/security/advisories/VMSA-2011-0003.html

www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

www.vupen.com/english/advisories/2008/2022/references

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-040

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14213

AI Score

6.8

Confidence

High

EPSS

0.028

Percentile

90.9%

Related for CVELIST:CVE-2008-0085

nvd1 prion1 cve1 openvas4 mskb1 securityvulns2 nessus4 cert1