Lucene search

MitreCVE-2008-3156

HistoryJul 11, 2008 - 10:41 p.m.

CVE-2008-3156

2008-07-1122:41:00

CWE-264

mitre

web.nvd.nist.gov

activescan

activex control

as2guiie.dll

panda activescan

cve-2008-3156

nvd

security vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.022

Percentile

89.6%

JSON

The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.

Affected configurations

Nvd

Node

pandapanda_activescanMatch2.0

VendorProductVersionCPE
pandapanda_activescan2.0cpe:2.3:a:panda:panda_activescan:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
panda	panda_activescan	2.0	cpe:2.3:a:panda:panda_activescan:2.0:::::::*

References

karol.wiesek.pl/files/panda.tgz

lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html

lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html

secunia.com/advisories/30841

www.securityfocus.com/bid/30086

www.securitytracker.com/id?1020432

www.vupen.com/english/advisories/2008/2008/references

exchange.xforce.ibmcloud.com/vulnerabilities/43587

www.exploit-db.com/exploits/6004

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.022

Percentile

89.6%

JSON

Related for CVE-2008-3156