CVE-2008-4384

Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
VendorProductVersion
iseemedialpviewer
*
mgi_softwarelpviewer
*
roxiolpviewer
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32140
http://www.kb.cert.org/vuls/id/848873
http://www.securityfocus.com/bid/31604
http://www.vupen.com/english/advisories/2008/2749
https://exchange.xforce.ibmcloud.com/vulnerabilities/45699
http://secunia.com/advisories/32140
http://www.kb.cert.org/vuls/id/848873
http://www.securityfocus.com/bid/31604
http://www.vupen.com/english/advisories/2008/2749
https://exchange.xforce.ibmcloud.com/vulnerabilities/45699