cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_server_2003::sp1 cpe:/o:microsoft:windows_server_2003::sp1:itanium cpe:/o:microsoft:windows_server_2003::sp1:x64 cpe:/o:microsoft:windows_server_2003::sp2 cpe:/o:microsoft:windows_server_2003::sp2:itanium cpe:/o:microsoft:windows_server_2003::sp2:x64 cpe:/o:microsoft:windows_server_2008 cpe:/o:microsoft:windows_server_2008:::itanium cpe:/o:microsoft:windows_server_2008:::x32 cpe:/o:microsoft:windows_server_2008:::x64 cpe:/o:microsoft:windows_vista cpe:/o:microsoft:windows_vista:::x64 cpe:/o:microsoft:windows_vista::sp1:x64 cpe:/o:microsoft:windows_vista:sp1 cpe:/o:microsoft:windows_xp::sp2 cpe:/o:microsoft:windows_xp::sp2:x64 cpe:/o:microsoft:windows_xp::sp3 cpe:/o:microsoft:windows_xp::x64 CVE-2008-4038 2008-10-14T20:12:16.020-04:00 2017-09-28T21:31:57.040-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-10-15T16:47:00.000-04:00 ALLOWS_ADMIN_ACCESS SECTRACK 1021049 BID 31647 SECUNIA 32249 VUPEN ADV-2008-2814 HP HPSBST02379 MS MS08-063 HP SSRT080143 CERT TA08-288A XF win-ms08kb957095-update(45561) XF win-smb-filename-bu(45560) Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability."