Vulnerability Details CVE-2008-3156
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.101
EPSS Ranking 92.7%
CVSS Severity
CVSS v2 Score 9.3
References
- http://karol.wiesek.pl/files/panda.tgz
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html
- http://secunia.com/advisories/30841
- http://www.securityfocus.com/bid/30086
- http://www.securitytracker.com/id?1020432
- http://www.vupen.com/english/advisories/2008/2008/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43587
- https://www.exploit-db.com/exploits/6004
- http://karol.wiesek.pl/files/panda.tgz
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html
- http://secunia.com/advisories/30841
- http://www.securityfocus.com/bid/30086
- http://www.securitytracker.com/id?1020432
- http://www.vupen.com/english/advisories/2008/2008/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43587
- https://www.exploit-db.com/exploits/6004
Products affected by CVE-2008-3156
-
cpe:2.3:a:panda:panda_activescan:2.0