Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2684

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-2684
Last Modified 07 Mar 2011 10:09:36
Published 12 Jun 2008 08:21:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2684

Summary

The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Blackice Black Ice Barcode Sdk 5.01


References

XF - barcode-bidib-code-execution(42896)

VUPEN - ADV-2008-1768

BID - 29579

MILW0RM - 5750

SECUNIA - 30548


Last Updated: 27 May 2016 10:47:57