Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2008-4342
HistorySep 30, 2008 - 5:22 p.m.

CVE-2008-4342

2008-09-3017:22:09
CWE-20
[email protected]
web.nvd.nist.gov
2

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.458

Percentile

97.4%

JSON

NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX control (NMSDVDX.dll) 1.013C and earlier, as used in CDBurnerXP 4.2.1.976, BurnAware 2.1.3, Blaze Media Pro 8.02 Special Edition, and possibly other products, allows remote attackers to overwrite and create arbitrary files via calls to the EnableLog and LogMessage methods. NOTE: this issue might only be exploitable in limited environments or non-default browser settings. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for remote code execution by accessing files using hcp:// URLs.

Affected configurations

Nvd
Node
burnaware_technologiesburnawareMatch2.1.3unknownfree
OR
burnaware_technologiesburnawareMatch2.1.3unknownhome
OR
burnaware_technologiesburnawareMatch2.1.3unknownprofessional
OR
impressumcdburnerxpMatch4.2.1.976
OR
numedia_softnumedia_dvd_burning_sdkMatch1.008
VendorProductVersionCPE
burnaware_technologiesburnaware2.1.3cpe:2.3:a:burnaware_technologies:burnaware:2.1.3:unknown:free:*:*:*:*:*
burnaware_technologiesburnaware2.1.3cpe:2.3:a:burnaware_technologies:burnaware:2.1.3:unknown:home:*:*:*:*:*
burnaware_technologiesburnaware2.1.3cpe:2.3:a:burnaware_technologies:burnaware:2.1.3:unknown:professional:*:*:*:*:*
impressumcdburnerxp4.2.1.976cpe:2.3:a:impressum:cdburnerxp:4.2.1.976:*:*:*:*:*:*:*
numedia_softnumedia_dvd_burning_sdk1.008cpe:2.3:a:numedia_soft:numedia_dvd_burning_sdk:1.008:*:*:*:*:*:*:*

Related

cvelist 1
openvas 4
exploitdb 1
prion 1
kaspersky 1
cve 1
cvelist
cvelist
CVE-2008-4342
2008-09-30 17:00:00
openvas
openvas
NuMedia Soft DVD Burning SDK Activex Control Remote Code Execution Vulnerability
2008-09-26 00:00:00
NuMedia Soft DVD Burning SDK Activex Control RCE Vulnerability
2008-09-26 00:00:00
Detection of Dangerous ActiveX Control
2009-02-04 00:00:00
exploitdb
exploitdb
NuMedia Soft Nms DVD Burning SDK - ActiveX 'NMSDVDX.dll' Command Execution
2008-09-19 00:00:00
prion
prion
Remote code execution
2008-09-30 17:22:00
kaspersky
kaspersky
KLA10097 WLF vulnerability in CDBurnerXP
2008-09-30 00:00:00
cve
cve
CVE-2008-4342
2008-09-30 17:22:09

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.458

Percentile

97.4%

JSON
Related for NVD:CVE-2008-4342
cvelist1openvas4exploitdb1prion1kaspersky1cve1