Vulnerability Description
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Blackice | Black Ice Barcode Sdk | 5.01 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/30548Vendor Advisory
- http://www.securityfocus.com/bid/29579
- http://www.vupen.com/english/advisories/2008/1768/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42896
- https://www.exploit-db.com/exploits/5750
- http://secunia.com/advisories/30548Vendor Advisory
- http://www.securityfocus.com/bid/29579
- http://www.vupen.com/english/advisories/2008/1768/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42896
- https://www.exploit-db.com/exploits/5750
FAQ
What is CVE-2008-2684?
CVE-2008-2684 is a vulnerability with a CVSS score of 9.3 (HIGH). The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFi...
How severe is CVE-2008-2684?
CVE-2008-2684 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2684?
Check the references section above for vendor advisories and patch information. Affected products include: Blackice Black Ice Barcode Sdk.