Vulnerability Report

CVE-2008-1280

Title: Acronis True Image Memory Corruption

Memory Corruption

Proof Of Concept

No public PoC currently indexed for CVE-2008-1280.

CWE Category CWE-20

Published Date Mar 10, 2008

Modified Date Apr 09, 2025

Exploit Status Not Found

Score 5.0 CVSS v2.0

Exploit Probability (EPSS)

1.37%

Vulnerability Summary

CVE-2008-1280: Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a malformed packet to port 9876, which triggers a NULL pointer dereference.

Impacted Vendors

acronis 2

Reference Links

http://aluigi.altervista.org/adv/acroagent-adv.txt http://secunia.com/advisories/29306 http://www.securityfocus.com/archive/1/489362/100/0/threaded http://www.securityfocus.com/bid/28169 http://www.vupen.com/english/advisories/2008/0812/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41070 http://aluigi.altervista.org/adv/acroagent-adv.txt http://secunia.com/advisories/29306 http://www.securityfocus.com/archive/1/489362/100/0/threaded http://www.securityfocus.com/bid/28169 http://www.vupen.com/english/advisories/2008/0812/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41070

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

5.0

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:N/I:N/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2008-1280 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 09, 2025 MODIFIED

Vulnerability data or affected products updated.

March 10, 2008 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:N/I:N/A:P

Affected Stack

No specific products linked.