CVE-2008-1107

Name of the Vulnerable Software and Affected Versions Danske Bank e-Sec Control Module ActiveX control versions 3.1.0.48 and possibly earlier versions

Description The issue is related to multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control. This occurs when the control receives long arguments to unspecified methods, which are not properly handled by a logging function, allowing remote attackers to execute arbitrary code.

Recommendations For versions 3.1.0.48 and possibly earlier versions, consider disabling the logging function in the Danske Bank e-Sec Control Module ActiveX control until a patch is available. Restrict access to the control to minimize the risk of exploitation. Avoid using long arguments to unspecified methods in the affected control. At the moment, there is no information about a newer version that contains a fix for this issue.