Lucene search

[email protected]CVE-2008-0634

HistoryFeb 06, 2008 - 9:00 p.m.

CVE-2008-0634

2008-02-0621:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0634

buffer overflow

namoinstaller.namoinstall.1

activex control

namoinstaller.dll

remote code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.346 Low

EPSS

Percentile

97.1%

JSON

Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as used in Sejoong Namo ActiveSquare6, allows remote attackers to execute arbitrary code via a long argument to the Install method, a different vulnerability than CVE-2008-0551.

Affected configurations

NVD

Node

sejoong_namoactivesquareMatch6

sejoong_namonamoinstall.1_activex_controlMatch3.0.0.1

CPENameOperatorVersion
sejoong_namo:activesquaresejoong namo activesquareeq6
sejoong_namo:namoinstall.1_activex_controlsejoong namo namoinstall.1 activex controleq3.0.0.1

CPE	Name	Operator	Version
sejoong_namo:activesquare	sejoong namo activesquare	eq	6
sejoong_namo:namoinstall.1_activex_control	sejoong namo namoinstall.1 activex control	eq	3.0.0.1

References

secunia.com/advisories/28649

exchange.xforce.ibmcloud.com/vulnerabilities/40199

www.exploit-db.com/exploits/5045

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.346 Low

EPSS

Percentile

97.1%

JSON

Related for CVE-2008-0634

prion2 cvelist2 nvd2 cve1