Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1044

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1044
Last Modified 07 Mar 2011 10:05:51
Published 27 Feb 2008 02:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1044

Summary

Stack-based buffer overflow in the Quantum Streaming Player (Quantum Streaming IE Player) ActiveX control (aka QSP2IE.QSP2IE) in qsp2ie07076007.dll 7.7.6.7 and qsp2ie07074039.dll 7.7.4.39 in Move Media Player allows remote attackers to execute arbitrary code via a long argument to the UploadLogs method, a different vector than CVE-2007-4722. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Move Networks Inc Move Media Player

  • Move Networks Inc Qunatum Streaming Player 7.7.4 39

  • Move Networks Inc Qunatum Streaming Player 7.7.6.7


References

VUPEN - ADV-2008-0684

BID - 27995

MILW0RM - 5190

SECUNIA - 29108

FULLDISC - 20080226 Move Networks Quantum Streaming Player UploadLogs() Buffer Overflow


Last Updated: 27 May 2016 10:47:01