Vulnerability Description
Insecure method vulnerability in the Web Scan Object ActiveX control (OL2005.dll) in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngine method. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rising Antivirus International | Rising Web Scan Object | 18.0.7 |
References
- http://secunia.com/advisories/29109Vendor Advisory
- http://www.securityfocus.com/bid/27997Patch
- http://www.vupen.com/english/advisories/2008/0683/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40838
- https://www.exploit-db.com/exploits/5188
- http://secunia.com/advisories/29109Vendor Advisory
- http://www.securityfocus.com/bid/27997Patch
- http://www.vupen.com/english/advisories/2008/0683/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40838
- https://www.exploit-db.com/exploits/5188
FAQ
What is CVE-2008-1116?
CVE-2008-1116 is a vulnerability with a CVSS score of 9.3 (HIGH). Insecure method vulnerability in the Web Scan Object ActiveX control (OL2005.dll) in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by se...
How severe is CVE-2008-1116?
CVE-2008-1116 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1116?
Check the references section above for vendor advisories and patch information. Affected products include: Rising Antivirus International Rising Web Scan Object.