Lucene search

[email protected]CVE-2008-4547

HistoryOct 14, 2008 - 6:12 p.m.

CVE-2008-4547

2008-10-1418:12:14

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-4547

nvd

security

buffer overflow

pdvratl

pdvrocx

dvrhost web cms ocx

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.152 Low

EPSS

Percentile

95.9%

JSON

Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control (pdvratl.dll) in DVRHOST Web CMS OCX 1.0.1.25 allows remote attackers to execute arbitrary code via a long second argument to the TimeSpanFormat method.

Affected configurations

NVD

Node

dvrstationdvrstation_cmsMatch1.0.1.25

CPENameOperatorVersion
dvrstation:dvrstation_cmsdvrstation dvrstation cmseq1.0.1.25

CPE	Name	Operator	Version
dvrstation:dvrstation_cms	dvrstation dvrstation cms	eq	1.0.1.25

References

secunia.com/advisories/28443

securityreason.com/securityalert/4407

www.securityfocus.com/bid/27267

www.vupen.com/english/advisories/2008/0132

exchange.xforce.ibmcloud.com/vulnerabilities/39640

www.exploit-db.com/exploits/4903

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.152 Low

EPSS

Percentile

95.9%

JSON

Related for CVE-2008-4547

prion1 cvelist1 nvd1