Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-5229

EPSS 1.01% · P77
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-5229

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to the CreateIpForwardEntry2 method, as demonstrated by a "route add" command. NOTE: this issue might not cross privilege boundaries.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Windows Vista 'iphlpapi.dll'本地内核栈溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Windows Vista是微软发布的最新版本的操作系统。 在使用CreateIpForwardEntry2方式向IPv4路由表添加路由项时,如果对MIB_IPFORWARD_ROW2结构所包含的DestinationPrefix结构中的目标PrefixLength成员传送了大于32的非法值的话,就会破坏内核空间内存,导致随机的蓝屏崩溃。传送的非法值越大,所触发的崩溃就会越快出现。 此外如果使用系统自带的route add命令并在子网掩码中使用了非法值的话,该命令也可以触发相同的缓冲区溢出。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2008-5229

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2008-5229

登录查看更多情报信息。

Same Patch Batch · n/a · 2008-11-25 · 25 CVEs total

CVE-2008-5227PHPCow 代码注入漏洞
CVE-2008-5221wPortfolio '/admin/userinfo.php' 权限绕过漏洞
CVE-2008-5220wPortfolio '/admin/upload_form.php' 任意文件上传漏洞
CVE-2008-5219VideoScript 'admin/cp.php'访问控制漏洞
CVE-2008-5218Scriptsez FREEze Greetings s 'pwd.txt'访问控制漏洞
CVE-2008-5226Joomla! and Mambo Mamb Ads Component 'index.php' 'ma_cat' Parameter SQL注入漏洞
CVE-2008-5225Xerox DocuShare多个跨站脚本漏洞
CVE-2008-5224Kent WEB MART 未明跨站脚本攻击漏洞
CVE-2008-5223AirvaeCommerce 'index.php' SQL注入漏洞
CVE-2008-5222Aspsky.Net 动网论坛DvBBS 'login.asp'脚本SQL注入漏洞
CVE-2008-5230WPA加密标准TKIP密钥破解漏洞
CVE-2008-5228IBM Workplace Web Content Management URL参数远程跨站脚本漏洞
CVE-2008-1586Apple iPhone 3GS 资源管理错误漏洞
CVE-2008-5109Adobe Flash Media Server 配置错误漏洞
CVE-2008-4829Streamripper 'lib/http.c'文件多个缓冲区溢出漏洞
CVE-2008-4233Apple Safari 安全漏洞
CVE-2008-4232Apple iPhone 安全漏洞
CVE-2008-4231Apple iPhone 资源管理错误漏洞
CVE-2008-4230Apple iPhone 信息泄露漏洞
CVE-2008-4229Apple iPhone 竞争条件问题漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2008-5229

No comments yet

Leave a comment