Lucene search

[email protected]CVE-2008-0492

HistoryJan 30, 2008 - 10:00 p.m.

CVE-2008-0492

2008-01-3022:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0492

stack-based buffer overflow

persits.xupload.2

xupload.ocx

nvd

activex control

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.902 High

EPSS

Percentile

98.8%

JSON

Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control in XUpload.ocx 3.0.0.4 and earlier in Persits XUpload 3.0 allows remote attackers to execute arbitrary code via a long argument to the AddFile method. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

persitsxuploadMatch3.0

CPENameOperatorVersion
persits:xuploadpersits xuploadeq3.0

CPE	Name	Operator	Version
persits:xupload	persits xupload	eq	3.0

References

secunia.com/advisories/28660

www.securityfocus.com/bid/27456

www.vupen.com/english/advisories/2008/0315

exchange.xforce.ibmcloud.com/vulnerabilities/39967

www.exploit-db.com/exploits/4987

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.902 High

EPSS

Percentile

98.8%

JSON

Related for CVE-2008-0492

prion1 packetstorm1 cvelist1 nvd1