Lucene search

K
cve[email protected]CVE-2008-2684
HistoryJun 12, 2008 - 12:21 p.m.

CVE-2008-2684

2008-06-1212:21:00
CWE-94
web.nvd.nist.gov
20
activex control
remote code execution
memory corruption
cve-2008-2684
black ice barcode sdk

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.103 Low

EPSS

Percentile

95.0%

The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD
Node
blackiceblack_ice_barcode_sdkMatch5.01

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.103 Low

EPSS

Percentile

95.0%

Related for CVE-2008-2684