CVE-2008-4384

critical

Description

Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45699

http://www.vupen.com/english/advisories/2008/2749

http://www.securityfocus.com/bid/31604

http://www.kb.cert.org/vuls/id/848873

http://secunia.com/advisories/32140

Details

Source: Mitre, NVD

Published: 2008-10-07

Updated: 2017-08-08

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics