Lucene search

[email protected]CVE-2008-0090

HistoryJan 04, 2008 - 1:46 a.m.

CVE-2008-0090

2008-01-0401:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0090

activex control

npupload.dll

divx player

denial of service

vulnerability

internet explorer 7

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.028 Low

EPSS

Percentile

90.6%

JSON

A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method.

CPENameOperatorVersion
divx:divx_playerdivx divx playereq6.6.0
microsoft:internet_explorermicrosoft internet explorereq7

CPE	Name	Operator	Version
divx:divx_player	divx divx player	eq	6.6.0
microsoft:internet_explorer	microsoft internet explorer	eq	7

References

www.securityfocus.com/bid/27106

exchange.xforce.ibmcloud.com/vulnerabilities/39386

www.exploit-db.com/exploits/4829

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.028 Low

EPSS

Percentile

90.6%

JSON

Related for CVE-2008-0090

prion1