Lucene search

[email protected]CVE-2008-1282

HistoryMar 10, 2008 - 11:44 p.m.

CVE-2008-1282

2008-03-1023:44:00

CWE-119

[email protected]

web.nvd.nist.gov

security

vulnerability

buffer overflow

bfup

activex

remote code execution

cve-2008-1282

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON

Buffer overflow in the BFup ActiveX control (BFup.dll) in B21Soft BFup before 1.0.802.29 allows remote attackers to execute arbitrary code via a long FilePath parameter.

Affected configurations

NVD

Node

b21softbfupRange≤1.0.308_19

CPENameOperatorVersion
b21soft:bfupb21soft bfuple1.0.308_19

CPE	Name	Operator	Version
b21soft:bfup	b21soft bfup	le	1.0.308_19

References

jvn.jp/jp/JVN%2310606373/index.html

secunia.com/advisories/29260

www.hi-ho.ne.jp/babaq/bfupinfo.html

www.securityfocus.com/bid/28131

www.vupen.com/english/advisories/2008/0797/references

exchange.xforce.ibmcloud.com/vulnerabilities/41050

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON

Related for CVE-2008-1282

nvd1 cvelist1 prion1