Lucene search

[email protected]CVE-2008-4132

HistorySep 19, 2008 - 5:15 p.m.

CVE-2008-4132

2008-09-1917:15:05

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-4132

stack-based buffer overflow

vsflexgrid

activex

componentone

remote code execution

archive method

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

89.0%

JSON

Stack-based buffer overflow in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne VSFlexGrid 7.0.1.151 and 8.0.20072.239 allows remote attackers to execute arbitrary code via a long first argument to the Archive method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

componentonevsflexgridMatch7.0.1.151

componentonevsflexgridMatch8.0.20072.239

CPENameOperatorVersion
componentone:vsflexgridcomponentone vsflexgrideq7.0.1.151
componentone:vsflexgridcomponentone vsflexgrideq8.0.20072.239

CPE	Name	Operator	Version
componentone:vsflexgrid	componentone vsflexgrid	eq	7.0.1.151
componentone:vsflexgrid	componentone vsflexgrid	eq	8.0.20072.239

References

www.securityfocus.com/bid/31200

exchange.xforce.ibmcloud.com/vulnerabilities/45184

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

89.0%

JSON

Related for CVE-2008-4132

prion1 cvelist1 nvd1