CyberSec.Space Logo
Back to CVE Browser

CVE-2008-5280

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0240%
EPSS Percentile19.03th
PublishedNov 29, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

The Local ZIM Server in Zilab Chat and Instant Messaging (ZIM) Server 2.0 and 2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted requests without required parameters.

Affected Platforms (CPE)

πŸ“¦
Zilab

Zim Server

<= 2.1
πŸ“¦
Zilab

Zim Server

= 2.0

References & Advisories

πŸ”— http://aluigi.altervista.org/adv/zilabzcsx-adv.txt
πŸ”— http://aluigi.org/poc/zilabzcsx.zip
πŸ”— http://secunia.com/advisories/29062
πŸ”— http://www.securityfocus.com/bid/27940
πŸ”— http://www.vupen.com/english/advisories/2008/0664
πŸ”— http://www.vupen.com/english/advisories/2008/0665
πŸ”— http://aluigi.altervista.org/adv/zilabzcsx-adv.txt
πŸ”— http://aluigi.org/poc/zilabzcsx.zip

Related Vulnerabilities

CVE-2008-527910.0

The Local ZIM Server (zcs.exe) in Zilab Chat and Instant Messaging (ZIM) Server 2.1 and earlier allow remote attackers to execute ...

CVE-2008-034310.0

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has u...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...

CVE-2008-073510.0

SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL c...