Unrated severityNVD Advisory· Published Jun 12, 2008· Updated Jun 16, 2026
CVE-2008-1440
CVE-2008-1440
Description
Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast (PGM) packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted PGM packet, aka the "PGM Invalid Length Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
- (no CPE)range: SP1, SP2
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
- (no CPE)range: SP2, SP3
Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/29508nvdBroken LinkPatchThird Party AdvisoryVDB Entry
- docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-036nvdPatchVendor Advisory
- secunia.com/advisories/30587nvdBroken LinkPermissions RequiredVendor Advisory
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA08-162B.htmlnvdBroken LinkThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2008/1783nvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5473nvdBroken Link
News mentions
0No linked articles in our index yet.