The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a missing parameter to the (1) dm-FaultFile, (2) dm-LazyCheck, (3) dm-ResolvedFile, (4) dm-OpenFile, (5) crypto, and possibly unspecified other commands, which triggers a NULL pointer dereference.
2008-03-12T17:44:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | perforce | perforce_server | ≤ 2007.3_143793 | Yes |
| Application | perforce | perforce_server | 2000.1 | Yes |
| Application | perforce | perforce_server | 2000.2 | Yes |
| Application | perforce | perforce_server | 2001.1 | Yes |
| Application | perforce | perforce_server | 2001.2 | Yes |
| Application | perforce | perforce_server | 2002.1 | Yes |
| Application | perforce | perforce_server | 2002.2 | Yes |
| Application | perforce | perforce_server | 2003.1 | Yes |
| Application | perforce | perforce_server | 2003.2 | Yes |
| Application | perforce | perforce_server | 2004.2 | Yes |
| Application | perforce | perforce_server | 2005.1 | Yes |
| Application | perforce | perforce_server | 2005.2 | Yes |
| Application | perforce | perforce_server | 2006.1 | Yes |
| Application | perforce | perforce_server | 2006.2 | Yes |
| Application | perforce | perforce_server | 2007.2 | Yes |
| Application | perforce | perforce_server | 2007.3 | Yes |