PT-2008-4874 · Anzio · Anzio Web Print Object

Francisco Falcon

Published

2008-08-29

Updated

2018-10-11

CVE-2008-3480

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Anzio Web Print Object (WePO) versions 3.2.19 through 3.2.24

Description The issue is a stack-based buffer overflow in the Anzio Web Print Object (WePO) ActiveX control, which allows remote attackers to execute arbitrary code via a long mainurl parameter.

Recommendations For versions 3.2.19 through 3.2.24, avoid using the mainurl parameter in the affected ActiveX control until a patch is available. As a temporary workaround, consider restricting access to the Anzio Web Print Object (WePO) ActiveX control to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2008-3480

Affected Products

Anzio Web Print Object

PT-2008-4874 · Anzio · Anzio Web Print Object

CVE-2008-3480

Weakness Enumeration

Related Identifiers

Affected Products

References · 8