Lucene search

[email protected]CVE-2008-0634

HistoryFeb 06, 2008 - 9:00 p.m.

CVE-2008-0634

2008-02-0621:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0634

buffer overflow

namoinstaller.namoinstall.1

activex control

namoinstaller.dll

remote code execution

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.346 Low

EPSS

Percentile

97.1%

JSON

Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as used in Sejoong Namo ActiveSquare6, allows remote attackers to execute arbitrary code via a long argument to the Install method, a different vulnerability than CVE-2008-0551.

Affected configurations

NVD

Node

sejoong_namoactivesquareMatch6

sejoong_namonamoinstall.1_activex_controlMatch3.0.0.1

CPENameOperatorVersion
sejoong_namo:activesquaresejoong namo activesquareeq6
sejoong_namo:namoinstall.1_activex_controlsejoong namo namoinstall.1 activex controleq3.0.0.1

CPE	Name	Operator	Version
sejoong_namo:activesquare	sejoong namo activesquare	eq	6
sejoong_namo:namoinstall.1_activex_control	sejoong namo namoinstall.1 activex control	eq	3.0.0.1

References

secunia.com/advisories/28649

exchange.xforce.ibmcloud.com/vulnerabilities/40199

www.exploit-db.com/exploits/5045

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.346 Low

EPSS

Percentile

97.1%

JSON

Related for CVE-2008-0634

cvelist2 nvd2 prion2 cve1