Vulnerability Description
Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX control (QvodInsert.dll) in QVOD Player before 2.1.5 build 0053 allows remote attackers to execute arbitrary code via a long URL property. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qvod | Qvod Player | 1.0.1 |
Related Weaknesses (CWE)
References
- http://hi.baidu.com/muma_reader/blog/item/46bd0d7a04eb75e92f73b36e.html
- http://secunia.com/advisories/28494PatchVendor Advisory
- http://www.securityfocus.com/bid/27271ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39675
- http://hi.baidu.com/muma_reader/blog/item/46bd0d7a04eb75e92f73b36e.html
- http://secunia.com/advisories/28494PatchVendor Advisory
- http://www.securityfocus.com/bid/27271ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39675
FAQ
What is CVE-2008-4664?
CVE-2008-4664 is a vulnerability with a CVSS score of 9.3 (HIGH). Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX control (QvodInsert.dll) in QVOD Player before 2.1.5 build 0053 allows remote attackers to execute arbitrary code via a long URL property. ...
How severe is CVE-2008-4664?
CVE-2008-4664 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-4664?
Check the references section above for vendor advisories and patch information. Affected products include: Qvod Qvod Player.