Lucene search

[email protected]CVE-2008-2745

HistoryJun 17, 2008 - 3:41 p.m.

CVE-2008-2745

2008-06-1715:41:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-2745

buffer overflow

bianno

activex control

black ice software

annotation plugin

remote code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.101 Low

EPSS

Percentile

95.0%

JSON

Stack-based buffer overflow in BiAnno ActiveX Control (BiAnno.ocx) in Black Ice Software Annotation Plugin 10.95 allows remote attackers to execute arbitrary code via a long parameter to the AnnoSaveToTiff method.

Affected configurations

NVD

Node

black_iceannotation_softwareMatch10.95

CPENameOperatorVersion
black_ice:annotation_softwareblack ice annotation softwareeq10.95

CPE	Name	Operator	Version
black_ice:annotation_software	black ice annotation software	eq	10.95

References

secunia.com/advisories/30603

www.securityfocus.com/bid/29635

www.vupen.com/english/advisories/2008/1795/references

exchange.xforce.ibmcloud.com/vulnerabilities/42982

www.exploit-db.com/exploits/5777

www.exploit-db.com/exploits/5778

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.101 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2008-2745

nvd1 prion1 cvelist1