CVE-2008-0437

Sažetak

Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information.

Reference

http://marc.info/?l=full-disclosure&m=120098751528333&w=2
http://secunia.com/advisories/28595
http://www.securityfocus.com/bid/27384
http://www.vupen.com/english/advisories/2008/0236
https://exchange.xforce.ibmcloud.com/vulnerabilities/39836
https://www.exploit-db.com/exploits/4959

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-09-2017 - 01:30

Objavljeno

23-01-2008 - 22:00