Lucene search

K
cve[email protected]CVE-2008-4384
HistoryOct 07, 2008 - 8:00 p.m.

CVE-2008-4384

2008-10-0720:00:17
CWE-119
web.nvd.nist.gov
31
cve-2008-4384
buffer overflow
mgi software
lpviewer
activex
remote code execution

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.611 Medium

EPSS

Percentile

97.8%

Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.

Affected configurations

NVD
Node
iseemedialpviewer
OR
mgi_softwarelpviewer
OR
roxiolpviewer

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.611 Medium

EPSS

Percentile

97.8%