Lucene search

[email protected]CVE-2008-1116

HistoryMar 03, 2008 - 6:44 p.m.

CVE-2008-1116

2008-03-0318:44:00

[email protected]

web.nvd.nist.gov

cve-2008-1116

insecure method

vulnerability

rising antivirus

activex control

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

High

0.067 Low

EPSS

Percentile

93.9%

JSON

Insecure method vulnerability in the Web Scan Object ActiveX control (OL2005.dll) in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngine method. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

rising_antivirus_internationalrising_web_scan_objectMatch18.0.7

CPENameOperatorVersion
rising_antivirus_international:rising_web_scan_objectrising antivirus international rising web scan objecteq18.0.7

CPE	Name	Operator	Version
rising_antivirus_international:rising_web_scan_object	rising antivirus international rising web scan object	eq	18.0.7

References

secunia.com/advisories/29109

www.securityfocus.com/bid/27997

www.vupen.com/english/advisories/2008/0683/references

exchange.xforce.ibmcloud.com/vulnerabilities/40838

www.exploit-db.com/exploits/5188

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

High

0.067 Low

EPSS

Percentile

93.9%

JSON

Related for CVE-2008-1116

nvd1 prion1 cvelist1