CVE-2008-1279
Acronis True Image < 1.5.19.191 and < 9.5.0.8072 - Denial of Service via Invalid Packet Length
Title source: llmDescription
Acronis True Image Group Server 1.5.19.191 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a packet with an invalid length field, which causes an out-of-bounds read.
References (6)
Core 6
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29306
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0813/references
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/489353/100/0/threaded
Third Party Advisory x_refsource_misc
http://aluigi.altervista.org/adv/acrogroup-adv.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41071
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28169
Scores
EPSS
0.0119
EPSS Percentile
79.1%
Details
CWE
CWE-20
Status
published
Products (2)
acronis/true_image
< 1.5.19.191
acronis/true_image
< 9.5.0.8072
Published
Mar 10, 2008
Tracked Since
Feb 18, 2026