CVE-2008-1044

2008-02-2719:44:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-1044

stack-based buffer overflow

quantum streaming player

qsp2ie

activex control

move media player

cve-2007-4722

nvd

information security

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.125 Low

EPSS

Percentile

95.4%

JSON

Stack-based buffer overflow in the Quantum Streaming Player (Quantum Streaming IE Player) ActiveX control (aka QSP2IE.QSP2IE) in qsp2ie07076007.dll 7.7.6.7 and qsp2ie07074039.dll 7.7.4.39 in Move Media Player allows remote attackers to execute arbitrary code via a long argument to the UploadLogs method, a different vector than CVE-2007-4722. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
move_networks_inc:qunatum_streaming_playermove networks inc qunatum streaming playereq7.7.6.7
move_networks_inc:move_media_playermove networks inc move media playereq*
move_networks_inc:qunatum_streaming_playermove networks inc qunatum streaming playereq7.7.4_39

CPE	Name	Operator	Version
move_networks_inc:qunatum_streaming_player	move networks inc qunatum streaming player	eq	7.7.6.7
move_networks_inc:move_media_player	move networks inc move media player	eq	*
move_networks_inc:qunatum_streaming_player	move networks inc qunatum streaming player	eq	7.7.4_39