CVE-2008-3704

Name of the Vulnerable Software and Affected Versions Msmask32.ocx version 6.0.81.69 Msmask32.ocx versions prior to 6.0.84.18

Description The issue is related to a heap-based buffer overflow in the MaskedEdit ActiveX control. This can be exploited by remote attackers to execute arbitrary code via a long Mask parameter, due to the lack of boundary checks when validating property values. The issue has been exploited in the wild.

Recommendations For Msmask32.ocx version 6.0.81.69, update to version 6.0.84.18 or later. For Msmask32.ocx versions prior to 6.0.84.18, update to version 6.0.84.18 or later.