Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2683

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-2683
Last Modified 21 Sep 2011 10:55:04
Published 12 Jun 2008 08:21:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2683

Summary

The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to force the download and storage of arbitrary files by specifying the origin URL in the first argument to the DownloadImageFileURL method, and the local filename in the second argument. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Black Ice Barcode Sdk 5.01


References

XF - barcode-bidib-file-overwrite(42891)

VUPEN - ADV-2008-1768

OSVDB - 46007

MILW0RM - 5750

EXPLOIT-DB - 17415

SREASON - 8277

SREASON - 8276

SECUNIA - 30548


Last Updated: 27 May 2016 10:47:57