Vulnerabilities > Perforce
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-14 | CVE-2008-1338 | Numeric Errors vulnerability in Perforce Server The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a server-DiffFile command with an integer value within a certain range, which causes a loop until all memory is exhausted. | 7.8 |
| 2008-03-12 | CVE-2008-1303 | Improper Input Validation vulnerability in Perforce Server The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a missing parameter to the (1) dm-FaultFile, (2) dm-LazyCheck, (3) dm-ResolvedFile, (4) dm-OpenFile, (5) crypto, and possibly unspecified other commands, which triggers a NULL pointer dereference. | 5.0 |
| 2008-03-12 | CVE-2008-1302 | Numeric Errors vulnerability in Perforce Server The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) server-DiffFile or (2) server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invalid memory access. | 5.0 |
| 2007-12-20 | CVE-2007-6349 | Resource Management Errors vulnerability in Perforce P4Web 2006.1/2006.2 P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with an empty body and a Content-Length greater than 0. | 7.8 |
| 2007-01-08 | CVE-2007-0100 | Remote Security vulnerability in Perforce Client The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows remote attackers to overwrite arbitrary files by modifying the client config file on the server, or by operating a malicious server. | 10.0 |