Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3430

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-3430
Last Modified 05 Sep 2008 05:43:03
Published 31 Jul 2008 06:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3430

Summary

Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in Eyeball MessengerSDK, as used in products such as SiOL Komunikator 1.3, allows remote attackers to execute arbitrary code via a large argument supplied to the BGColor method. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer.

Vulnerable Systems

Application

  • Eyeball Networks Eyeball Messenger Sdk 5.0.907.1


References

XF - eyeballmessengersdk-covideowindow-bo(44111)

BID - 30424

MISC - http://packetstormsecurity.org/0807-exploits/siol-overflow.txt


Last Updated: 27 May 2016 10:48:12