Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3156

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-3156
Last Modified 07 Mar 2011 10:10:17
Published 11 Jul 2008 06:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3156

Summary

The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.

Vulnerable Systems

Application

  • Panda Activescan 2.0


References

XF - panda-activescan-file-download(43587)

VUPEN - ADV-2008-2008

SECTRACK - 1020432

BID - 30086

MILW0RM - 6004

SECUNIA - 30841

FULLDISC - 20080704 Panda ActiveScan 2.0 remote code execution

FULLDISC - 20080705 Panda ActiveScan 2.0 remote code execution

MISC - http://karol.wiesek.pl/files/panda.tgz


Last Updated: 27 May 2016 10:48:06