Lucene search

[email protected]CVE-2008-0551

HistoryFeb 01, 2008 - 8:00 p.m.

CVE-2008-0551

2008-02-0120:00:00

CWE-94

[email protected]

web.nvd.nist.gov

namoinstaller

activex control

namo web editor

remote code execution

cve-2008-0551

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.346 Low

EPSS

Percentile

97.1%

JSON

The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web Editor in Sejoong Namo ActiveSquare 6 allows remote attackers to execute arbitrary code via a URL in the argument to the Install method. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
sejoong_namo:activesquaresejoong namo activesquareeq6
microsoft:activexmicrosoft activexeq*

CPE	Name	Operator	Version
sejoong_namo:activesquare	sejoong namo activesquare	eq	6
microsoft:activex	microsoft activex	eq	*

References

secunia.com/advisories/28649

www.securityfocus.com/bid/27453

www.securityfocus.com/bid/27580

www.vupen.com/english/advisories/2008/0299

exchange.xforce.ibmcloud.com/vulnerabilities/39943

exchange.xforce.ibmcloud.com/vulnerabilities/39974

www.exploit-db.com/exploits/4986

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.346 Low

EPSS

Percentile

97.1%

JSON

Related for CVE-2008-0551

cvelist2 prion2 cve1