CVE-2008-4250

Name: CVE-2008-4250
Creator: NVD / NIST
Published: 2008-10-23T22:00:01.357+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10Actively ExploitedEPSS 98.75%

Last modified Jun 16, 2026

CVE-2008-4250 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability.". CISA has confirmed active exploitation in the wild. EPSS estimates a 98.75% chance of exploitation in the next 30 days.

Description

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

98.75%

99.9th percentile

Probability of exploitation in the next 30 days. Learn more

Exploitation Status

This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by Jun 3, 2026.

Weakness Enumeration

Affected Software

Vendor	Product	Versions	Update
Microsoft	Windows 2000	All versions	Sp4
Microsoft	Windows Server 2003	All versions	—
Microsoft	Windows Server 2008	All versions	—
Microsoft	Windows Vista	All versions	—
Microsoft	Windows Xp	All versions	—

References

http://blogs.securiteam.com/index.php/archives/1150Permissions Required
http://marc.info/?l=bugtraq&m=122703006921213&w=2Issue Tracking, Mailing List, Third Party Advisory
http://secunia.com/advisories/32326Patch, Vendor Advisory
http://www.kb.cert.org/vuls/id/827267Third Party Advisory, US Government Resource
http://www.securityfocus.com/archive/1/497808/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/archive/1/497816/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/31874Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1021091Broken Link, Third Party Advisory, VDB Entry
http://www.us-cert.gov/cas/techalerts/TA08-297A.htmlBroken Link, Third Party Advisory, US Government Resource
http://www.us-cert.gov/cas/techalerts/TA09-088A.htmlThird Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2008/2902Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/46040Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093Broken Link, Third Party Advisory
https://www.exploit-db.com/exploits/6824Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/6841Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/7104Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/7132Exploit, Third Party Advisory, VDB Entry
http://blogs.securiteam.com/index.php/archives/1150Permissions Required
http://marc.info/?l=bugtraq&m=122703006921213&w=2Issue Tracking, Mailing List, Third Party Advisory
http://secunia.com/advisories/32326Patch, Vendor Advisory
http://www.kb.cert.org/vuls/id/827267Third Party Advisory, US Government Resource
http://www.securityfocus.com/archive/1/497808/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/archive/1/497816/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/31874Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1021091Broken Link, Third Party Advisory, VDB Entry
http://www.us-cert.gov/cas/techalerts/TA08-297A.htmlBroken Link, Third Party Advisory, US Government Resource
http://www.us-cert.gov/cas/techalerts/TA09-088A.htmlThird Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2008/2902Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/46040Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093Broken Link, Third Party Advisory
https://www.exploit-db.com/exploits/6824Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/6841Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/7104Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/7132Exploit, Third Party Advisory, VDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-4250US Government Resource

Timeline

Published: Oct 23, 2008
Last Modified: Jun 16, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2008-4250?

How severe is CVE-2008-4250?

CVE-2008-4250 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 98.75% probability of exploitation in the next 30 days. This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog.

How do I fix CVE-2008-4250?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-4250?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST