Lucene search

[email protected]CVE-2008-3156

HistoryJul 11, 2008 - 10:41 p.m.

CVE-2008-3156

2008-07-1122:41:00

CWE-264

[email protected]

web.nvd.nist.gov

activescan

activex control

as2guiie.dll

panda activescan

cve-2008-3156

nvd

security vulnerability

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.6%

JSON

The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.

Affected configurations

NVD

Node

pandapanda_activescanMatch2.0

CPENameOperatorVersion
panda:panda_activescanpanda panda activescaneq2.0

CPE	Name	Operator	Version
panda:panda_activescan	panda panda activescan	eq	2.0

References

karol.wiesek.pl/files/panda.tgz

lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html

lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html

secunia.com/advisories/30841

www.securityfocus.com/bid/30086

www.securitytracker.com/id?1020432

www.vupen.com/english/advisories/2008/2008/references

exchange.xforce.ibmcloud.com/vulnerabilities/43587

www.exploit-db.com/exploits/6004

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.6%

JSON

Related for CVE-2008-3156

prion1 nvd1 cvelist1