Vulnerability Description
Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allows remote attackers to execute arbitrary programs via a ..\ (dot dot backslash) in the second argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gateway | Weblaunch | 1.0.0.1 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=full-disclosure&m=119984138526735&w=2
- http://secunia.com/advisories/28379Vendor Advisory
- http://www.vupen.com/english/advisories/2008/0077
- https://www.exploit-db.com/exploits/4869
- http://marc.info/?l=full-disclosure&m=119984138526735&w=2
- http://secunia.com/advisories/28379Vendor Advisory
- http://www.vupen.com/english/advisories/2008/0077
- https://www.exploit-db.com/exploits/4869
FAQ
What is CVE-2008-0221?
CVE-2008-0221 is a vulnerability with a CVSS score of 9.3 (HIGH). Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allows remote attackers to execute arbitrary program...
How severe is CVE-2008-0221?
CVE-2008-0221 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0221?
Check the references section above for vendor advisories and patch information. Affected products include: Gateway Weblaunch.