Lucene search

[email protected]CVE-2008-0625

HistoryFeb 06, 2008 - 9:00 p.m.

CVE-2008-0625

2008-02-0621:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0625

buffer overflow

yahoo! music jukebox

activex control

mediagrid.dll

remote code execution

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7.7 High

AI Score

Confidence

Low

0.059 Low

EPSS

Percentile

93.5%

JSON

Buffer overflow in the MediaGrid ActiveX control (mediagrid.dll) in Yahoo! Music Jukebox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddBitmap method.

Affected configurations

NVD

Node

yahoomusic_jukeboxMatch2.2.2.56

CPENameOperatorVersion
yahoo:music_jukeboxyahoo music jukeboxeq2.2.2.56

CPE	Name	Operator	Version
yahoo:music_jukebox	yahoo music jukebox	eq	2.2.2.56

References

secunia.com/advisories/28757

www.kb.cert.org/vuls/id/340860

www.securityfocus.com/bid/27578

www.securitytracker.com/id?1019298

www.vupen.com/english/advisories/2008/0396/references

www.exploit-db.com/exploits/5052

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7.7 High

AI Score

Confidence

Low

0.059 Low

EPSS

Percentile

93.5%

JSON

Related for CVE-2008-0625

cert1 saint4 cvelist1 nvd1 prion1 nessus1 checkpoint_advisories1