PT-2008-5062 · Jcomsoft+1 · Jcomsoft Anigif.Ocx+1

Published: 2008-08-15 · Updated: 2017-09-29 · CVE-2008-3702

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

JComSoft AniGIF.ocx versions 1.12 through 2.47
SpeedBit Download Accelerator Plus (DAP) version 8.6

Description

Multiple stack-based buffer overflows in the Animation GIF ActiveX control (AniGIF.ocx) allow remote attackers to execute arbitrary code via a long argument to the (1) ReadGIF or (2) ReadGIF2 method.

Recommendations

For JComSoft AniGIF.ocx versions 1.12 through 2.47, consider disabling the ReadGIF and ReadGIF2 methods until a patch is available. For SpeedBit Download Accelerator Plus (DAP) version 8.6, restrict the use of the affected ActiveX control to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2008-3702

Affected Products

Download Accelerator Plus
Jcomsoft Anigif.Ocx