CVE-2008-0443

Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Module allows remote attackers to execute arbitrary code via a long HandwriterFilename property value.  NOTE: some of these details are obtained from third party information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
lycosfileuploader.dll
2.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/28599
http://www.securityfocus.com/bid/27411
http://www.vupen.com/english/advisories/2008/0253
https://exchange.xforce.ibmcloud.com/vulnerabilities/39849
https://www.exploit-db.com/exploits/4967
http://secunia.com/advisories/28599
http://www.securityfocus.com/bid/27411
http://www.vupen.com/english/advisories/2008/0253
https://exchange.xforce.ibmcloud.com/vulnerabilities/39849
https://www.exploit-db.com/exploits/4967