Vulnerability Description
Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in Eyeball MessengerSDK, as used in products such as SiOL Komunikator 1.3, allows remote attackers to execute arbitrary code via a large argument supplied to the BGColor method. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eyeball Networks | Eyeball Messenger Sdk | 5.0.907.1 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.org/0807-exploits/siol-overflow.txtExploit
- http://www.securityfocus.com/bid/30424Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44111
- http://packetstormsecurity.org/0807-exploits/siol-overflow.txtExploit
- http://www.securityfocus.com/bid/30424Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44111
FAQ
What is CVE-2008-3430?
CVE-2008-3430 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in Eyeball MessengerSDK, as used in products such as SiOL Komunikator 1.3, allows remote attackers to execute arbitrary code via a la...
How severe is CVE-2008-3430?
CVE-2008-3430 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3430?
Check the references section above for vendor advisories and patch information. Affected products include: Eyeball Networks Eyeball Messenger Sdk.