CVE-2008-4384

EUVD-2008-4365
Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
iseemedialpviewer
*
mgi_softwarelpviewer
*
roxiolpviewer
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32140
http://www.kb.cert.org/vuls/id/848873
http://www.securityfocus.com/bid/31604
http://www.vupen.com/english/advisories/2008/2749
https://exchange.xforce.ibmcloud.com/vulnerabilities/45699
http://secunia.com/advisories/32140
http://www.kb.cert.org/vuls/id/848873
http://www.securityfocus.com/bid/31604
http://www.vupen.com/english/advisories/2008/2749
https://exchange.xforce.ibmcloud.com/vulnerabilities/45699