Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3702

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-3702
Last Modified 29 Jan 2009 01:54:11
Published 15 Aug 2008 04:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3702

Summary

Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1.12 and 2.47, as used in products such as SpeedBit Download Accelerator Plus (DAP) 8.6, allow remote attackers to execute arbitrary code via a long argument to the (1) ReadGIF or (2) ReadGIF2 method.

Vulnerable Systems

Application

  • Jcomsoft Anigif 1.12

  • Jcomsoft Anigif 2.47

  • Speedbit Download Accelerator Plus 8.6


References

XF - jcomsoft-anigif-readgif-readgif2-bo(44412)

BID - 30621

MILW0RM - 6216

SREASON - 4159


Last Updated: 27 May 2016 10:48:16