Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0956

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0956
Last Modified 07 Mar 2011 10:05:43
Published 11 Jun 2008 10:32:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0956

Summary

Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via unspecified vectors.

Vulnerable Systems

Application

  • Backweb 8.1.1.86

  • Logitech Desktop Manager 2.55


References

CERT-VN - VU#216153

CERT - TA08-162B

MS - MS08-032

XF - backweb-activex-liteinstactivator-bo(42991)

VUPEN - ADV-2008-1792

VUPEN - ADV-2008-1791

BID - 29558

SECUNIA - 30625

SECUNIA - 30598

HP - HPSBST02344

CONFIRM - http://backweb.com/news_events/press_releases/051608.php

HP - SSRT080087


Last Updated: 27 May 2016 10:47:28