Lucene search

[email protected]NVD:CVE-2008-1307

HistoryMar 12, 2008 - 5:44 p.m.

CVE-2008-1307

2008-03-1217:44:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.145

Percentile

95.8%

JSON

Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method.

Affected configurations

Nvd

Node

kingsoftantivirus_online_update_moduleMatch2007.12.29.29

VendorProductVersionCPE
kingsoftantivirus_online_update_module2007.12.29.29cpe:2.3:a:kingsoft:antivirus_online_update_module:2007.12.29.29:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kingsoft	antivirus_online_update_module	2007.12.29.29	cpe:2.3:a:kingsoft:antivirus_online_update_module:2007.12.29.29:::::::*

References

secunia.com/advisories/29204

www.securityfocus.com/bid/28172

www.vupen.com/english/advisories/2008/0857/references

exchange.xforce.ibmcloud.com/vulnerabilities/41088

www.exploit-db.com/exploits/5225

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.145

Percentile

95.8%

JSON

Related for NVD:CVE-2008-1307

cvelist1 cve1 prion1 exploitdb1