Vulnerability Description
Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control (DanskeSikker.ocx) 3.1.0.48, and possibly earlier versions, allow remote attackers to execute arbitrary code via long arguments to unspecified methods, which are not properly handled by a logging function.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Danskebank | Danskesikker.Ocx | <= 3.1.0.48 |
Related Weaknesses (CWE)
References
- http://osvdb.org/53715
- http://secunia.com/advisories/29635Vendor Advisory
- http://secunia.com/secunia_research/2008-17/Vendor Advisory
- http://www.securityfocus.com/archive/1/502725/100/0/threaded
- http://www.securityfocus.com/bid/34549
- http://www.vupen.com/english/advisories/2009/1047Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49903
- http://osvdb.org/53715
- http://secunia.com/advisories/29635Vendor Advisory
- http://secunia.com/secunia_research/2008-17/Vendor Advisory
- http://www.securityfocus.com/archive/1/502725/100/0/threaded
- http://www.securityfocus.com/bid/34549
- http://www.vupen.com/english/advisories/2009/1047Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49903
FAQ
What is CVE-2008-1107?
CVE-2008-1107 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control (DanskeSikker.ocx) 3.1.0.48, and possibly earlier versions, allow remote attackers to execute arbitrary co...
How severe is CVE-2008-1107?
CVE-2008-1107 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1107?
Check the references section above for vendor advisories and patch information. Affected products include: Danskebank Danskesikker.Ocx.