Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1116

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-1116
Last Modified 07 Mar 2011 10:05:58
Published 03 Mar 2008 01:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1116

Summary

Insecure method vulnerability in the Web Scan Object ActiveX control (OL2005.dll) in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngine method. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Rising Antivirus International Rising Web Scan Object 18.0.7


References

BID - 27997

VUPEN - ADV-2008-0683

MILW0RM - 5188

SECUNIA - 29109

XF - risingonline-webscan-code-execution(40838)


Last Updated: 27 May 2016 10:47:02