1. Home
  2. CVE Database
  3. CVE-2008-4771
HIGH · 9.3

CVE-2008-4771

Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) ...

Vulnerability Description

Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
4XemVatctrl Class1.0.0.27
D-LinkMpeg4 Shm Audio Control1.7.0.5
VivotekRtsp Mpeg4 Sp Control2.0.0.39

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2008-4771?

CVE-2008-4771 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) ...

How severe is CVE-2008-4771?

CVE-2008-4771 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-4771?

Check the references section above for vendor advisories and patch information. Affected products include: 4Xem Vatctrl Class, D-Link Mpeg4 Shm Audio Control, Vivotek Rtsp Mpeg4 Sp Control.