Lucene search
RootSSV:4170HistoryOct 08, 2008 - 12:00 a.m.
iseemedia 'LPControl.dll' LPViewer ActiveX控件多个缓冲区溢出漏洞
2008-10-0800:00:00
Root
www.seebug.org
10
0.611 Medium
EPSS
Percentile
97.8%
BUGTRAQ ID: 31604
CVE ID:CVE-2008-4384
CNCVE ID:CNCVE-20084384
iseemedia是一款图像处理软件。
iseemedia LPViewer ActiveX控件存在多个基于栈的缓冲区溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。
LPControl.dll文件提供了iseemedia LPViewer ActiveX控件,控件对url(), toolbar(), 和enableZoomPastMax()方法处理缺少充分的边界检查,构建恶意HTML文档,诱使用户访问,可导致以应用程序权限执行任意指令。
iseemedia LPViewer
可参考如下临时解决方案:
编辑如下文本并保存为以.reg结尾的文件并双击导入:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility{3F0EECCE-E138-11D1-8712-0060083D83F5}]
"Compatibility Flags"=dword:00000400
目前供应商没有解决方案提供:
<a href=“http://www.iseemedia.com/” target=“_blank”>http://www.iseemedia.com/</a>
Related
packetstorm
packetstorm
iseemedia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow
2009-11-26 00:00:00
saint
saint
LPViewer ActiveX Control url property buffer overflow
2008-11-21 00:00:00
LPViewer ActiveX Control url property buffer overflow
2008-11-21 00:00:00
LPViewer ActiveX Control url property buffer overflow
2008-11-21 00:00:00
prion
prion
Stack overflow
2008-10-07 20:00:00
nvd
nvd
CVE-2008-4384
2008-10-07 20:00:17
cert
cert
checkpoint_advisories
checkpoint_advisories
iseemedia LPViewer ActiveX Control Multiple Buffer Overflows (CVE-2008-4384)
2008-11-18 00:00:00
nessus
nessus
LPViewer ActiveX Control Multiple Buffer Overflow Vulnerabilities
2008-10-22 00:00:00
cvelist
cvelist
CVE-2008-4384
2008-10-07 18:27:00
cve
cve
CVE-2008-4384
2008-10-07 20:00:17