CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-4384

Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.625

EPSS Ranking 98.3%

CVSS Severity

CVSS v2 Score 9.3

References

http://secunia.com/advisories/32140
http://www.kb.cert.org/vuls/id/848873
http://www.securityfocus.com/bid/31604
http://www.vupen.com/english/advisories/2008/2749
https://exchange.xforce.ibmcloud.com/vulnerabilities/45699
http://secunia.com/advisories/32140
http://www.kb.cert.org/vuls/id/848873
http://www.securityfocus.com/bid/31604
http://www.vupen.com/english/advisories/2008/2749
https://exchange.xforce.ibmcloud.com/vulnerabilities/45699

Products affected by CVE-2008-4384

Iseemedia » Lpviewer » Version: Any

cpe:2.3:a:iseemedia:lpviewer:*
Mgi Software » Lpviewer » Version: Any

cpe:2.3:a:mgi_software:lpviewer:*
Roxio » Lpviewer » Version: Any

cpe:2.3:a:roxio:lpviewer:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-4384

Products

Pricing

Contact Us