CVE-2008-0956

Опубликовано: 12 июн. 2008

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via unspecified vectors.

Ссылки

http://backweb.com/news_events/press_releases/051608.php
URL Repurposed
http://marc.info/?l=bugtraq&m=121380194923597&w=2
http://secunia.com/advisories/30598
Vendor Advisory
http://secunia.com/advisories/30625
Vendor Advisory
http://www.kb.cert.org/vuls/id/216153
Patch
US Government Resource
http://www.securityfocus.com/bid/29558
http://www.us-cert.gov/cas/techalerts/TA08-162B.html
US Government Resource
http://www.vupen.com/english/advisories/2008/1791
http://www.vupen.com/english/advisories/2008/1792
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032
https://exchange.xforce.ibmcloud.com/vulnerabilities/42991
http://backweb.com/news_events/press_releases/051608.php
URL Repurposed
http://marc.info/?l=bugtraq&m=121380194923597&w=2
http://secunia.com/advisories/30598
Vendor Advisory
http://secunia.com/advisories/30625
Vendor Advisory
http://www.kb.cert.org/vuls/id/216153
Patch
US Government Resource
http://www.securityfocus.com/bid/29558
http://www.us-cert.gov/cas/techalerts/TA08-162B.html
US Government Resource
http://www.vupen.com/english/advisories/2008/1791
http://www.vupen.com/english/advisories/2008/1792

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:backweb:backweb:*:*:*:*:*:*:*:*

Версия до 8.1.1.86 (включая)

cpe:2.3:a:logitech:desktop_manager:*:*:*:*:*:*:*:*

Версия до 2.55 (включая)

EPSS

Процентиль: 97%

0.40272

Средний

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-7gm8-63p6-q3r8

github

почти 4 года назад