CVE Vulnerability

CVE-2008-2684

The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from third party information.

9.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://secunia.com/advisories/30548 Vendor Advisory
http://www.securityfocus.com/bid/29579
http://www.vupen.com/english/advisories/2008/1768/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42896
https://www.exploit-db.com/exploits/5750
Configurations

Configuration 1

cpe:2.3:a:blackice:black_ice_barcode_sdk:5.01:*:*:*:*:*:*:*
Information

Published : 2008-06-12 12:21

Updated : 2017-09-29 01:31

NVD link : CVE-2008-2684

Mitre link : CVE-2008-2684

Products Affected
No products.
CWE
CWE-94