Lucene search

[email protected]CVE-2008-0248

HistoryJan 12, 2008 - 2:46 a.m.

CVE-2008-0248

2008-01-1202:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0248

buffer overflow

activex control

streamaudio chaincast proxymanager

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.116 Low

EPSS

Percentile

95.3%

JSON

Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method.

Affected configurations

NVD

Node

streamaudiochaincast_proxymanager_activex_control

CPENameOperatorVersion
streamaudio:chaincast_proxymanager_activex_controlstreamaudio chaincast proxymanager activex controleq*

CPE	Name	Operator	Version
streamaudio:chaincast_proxymanager_activex_control	streamaudio chaincast proxymanager activex control	eq	*

References

lists.grok.org.uk/pipermail/full-disclosure/2008-January/059572.html

secunia.com/advisories/28461

www.securityfocus.com/bid/27247

www.vupen.com/english/advisories/2008/0133

exchange.xforce.ibmcloud.com/vulnerabilities/39622

www.exploit-db.com/exploits/4894

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.116 Low

EPSS

Percentile

95.3%

JSON

Related for CVE-2008-0248

prion1 cvelist1 nvd1