PT-2008-4574 · Panda · Panda Activescan
Karol Wiesek
·
Publicado
2008-07-11
·
Atualizado
2017-09-29
·
CVE-2008-3155
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Panda ActiveScan versions prior to 1.02.00
Description:
The issue is related to a stack-based buffer overflow in the ActiveX control. This can be triggered by passing a long argument to the
Update method, potentially allowing remote attackers to cause a denial of service or execute arbitrary code.Recommendations:
For versions prior to 1.02.00, update to version 1.02.00 or later to resolve the issue. As a temporary workaround, consider restricting access to the
as2guiie.dll ActiveX control until the update is applied.Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Panda Activescan