Lucene search

MitreCVE-2008-0248

HistoryJan 12, 2008 - 2:46 a.m.

CVE-2008-0248

2008-01-1202:46:00

CWE-119

mitre

web.nvd.nist.gov

cve-2008-0248

buffer overflow

activex control

streamaudio chaincast proxymanager

remote code execution

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.116

Percentile

95.3%

JSON

Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method.

Affected configurations

Nvd

Node

streamaudiochaincast_proxymanager_activex_control

VendorProductVersionCPE
streamaudiochaincast_proxymanager_activex_control*cpe:2.3:a:streamaudio:chaincast_proxymanager_activex_control:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
streamaudio	chaincast_proxymanager_activex_control	*	cpe:2.3:a:streamaudio:chaincast_proxymanager_activex_control::::::::

References

lists.grok.org.uk/pipermail/full-disclosure/2008-January/059572.html

secunia.com/advisories/28461

www.securityfocus.com/bid/27247

www.vupen.com/english/advisories/2008/0133

exchange.xforce.ibmcloud.com/vulnerabilities/39622

www.exploit-db.com/exploits/4894

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.116

Percentile

95.3%

JSON

Related for CVE-2008-0248