Computer Security

CVE-2008-4827
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2008-4827
StatusCandidate
DescriptionMultiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 2008, TSC2 Help Desk 4.1.8, SAP GUI 6.40 Patch 29 and 7.10, and possibly other products, allow remote attackers to execute arbitrary code by adding many tabs, or adding tabs with long tab captions.
PhaseAssigned (31.10.2008)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4827
ReferencesBID : 33148
 BUGTRAQ : 20090107 Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow
 MISC : http://secunia.com/secunia_research/2008-52/
 MISC : http://secunia.com/secunia_research/2008-53/
 MISC : http://secunia.com/secunia_research/2008-54/
 SECTRACK : 1021529
 SECUNIA : 32609
 SECUNIA : 32648
 SECUNIA : 32672
 SREASON : 4879
 VUPEN : ADV-2009-0036
 VUPEN : ADV-2009-0037
 XF : sapgui-tabone-bo(47770)
 XF : sizerone-tab-bo(47771)
 XF : tsc2-ctab-bo(47769)
SecurityVulns:TSC2 Help Desk ActiveX buffer overflow
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server