CVE-2008-0956

critical

Description

Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/42991

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032

http://www.vupen.com/english/advisories/2008/1792

http://www.vupen.com/english/advisories/2008/1791

http://www.us-cert.gov/cas/techalerts/TA08-162B.html

http://www.securityfocus.com/bid/29558

http://www.kb.cert.org/vuls/id/216153

http://secunia.com/advisories/30625

http://secunia.com/advisories/30598

http://marc.info/?l=bugtraq&m=121380194923597&w=2

http://backweb.com/news_events/press_releases/051608.php

Details

Source: Mitre, NVD

Published: 2008-06-12

Updated: 2024-02-14

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical