Lucene search

K
cve[email protected]CVE-2008-1107
HistoryApr 17, 2009 - 12:30 a.m.

CVE-2008-1107

2009-04-1700:30:00
CWE-119
web.nvd.nist.gov
19
cve-2008-1107
buffer overflow
activex control
danske bank
e-sec
arbitrary code execution

8.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.167 Low

EPSS

Percentile

96.1%

Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control (DanskeSikker.ocx) 3.1.0.48, and possibly earlier versions, allow remote attackers to execute arbitrary code via long arguments to unspecified methods, which are not properly handled by a logging function.

Affected configurations

NVD
Node
danskebankdanskesikker.ocxRange3.1.0.48

8.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.167 Low

EPSS

Percentile

96.1%