Lucene search

[email protected]CVE-2008-3430

HistoryJul 31, 2008 - 10:41 p.m.

CVE-2008-3430

2008-07-3122:41:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-3430

buffer overflow

covideowindow.ocx

activex control

eyeball messengersdk

siol komunikator 1.3

internet explorer

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.295 Low

EPSS

Percentile

96.9%

JSON

Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in Eyeball MessengerSDK, as used in products such as SiOL Komunikator 1.3, allows remote attackers to execute arbitrary code via a large argument supplied to the BGColor method. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer.

Affected configurations

NVD

Node

eyeball_networkseyeball_messenger_sdkMatch5.0.907.1

CPENameOperatorVersion
eyeball_networks:eyeball_messenger_sdkeyeball networks eyeball messenger sdkeq5.0.907.1

CPE	Name	Operator	Version
eyeball_networks:eyeball_messenger_sdk	eyeball networks eyeball messenger sdk	eq	5.0.907.1

References

packetstormsecurity.org/0807-exploits/siol-overflow.txt

www.securityfocus.com/bid/30424

exchange.xforce.ibmcloud.com/vulnerabilities/44111

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.295 Low

EPSS

Percentile

96.9%

JSON

Related for CVE-2008-3430

cvelist1 prion1 nvd1