Lucene search

MitreCVE-2008-3702

HistoryAug 15, 2008 - 8:41 p.m.

CVE-2008-3702

2008-08-1520:41:00

CWE-119

mitre

web.nvd.nist.gov

cve-2008-3702

buffer overflow

gif

activex

security vulnerability

remote code execution

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.142

Percentile

95.7%

JSON

Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1.12 and 2.47, as used in products such as SpeedBit Download Accelerator Plus (DAP) 8.6, allow remote attackers to execute arbitrary code via a long argument to the (1) ReadGIF or (2) ReadGIF2 method.

Affected configurations

Nvd

Node

jcomsoftanigifMatch1.12

jcomsoftanigifMatch2.47

Node

speedbitdownload_accelerator_plusMatch8.6

VendorProductVersionCPE
jcomsoftanigif1.12cpe:2.3:a:jcomsoft:anigif:1.12:*:*:*:*:*:*:*
jcomsoftanigif2.47cpe:2.3:a:jcomsoft:anigif:2.47:*:*:*:*:*:*:*
speedbitdownload_accelerator_plus8.6cpe:2.3:a:speedbit:download_accelerator_plus:8.6:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jcomsoft	anigif	1.12	cpe:2.3:a:jcomsoft:anigif:1.12:::::::*
jcomsoft	anigif	2.47	cpe:2.3:a:jcomsoft:anigif:2.47:::::::*
speedbit	download_accelerator_plus	8.6	cpe:2.3:a:speedbit:download_accelerator_plus:8.6:::::::*

References

securityreason.com/securityalert/4159

www.securityfocus.com/bid/30621

exchange.xforce.ibmcloud.com/vulnerabilities/44412

www.exploit-db.com/exploits/6216

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.142

Percentile

95.7%

JSON

Related for CVE-2008-3702