CVE Vulnerability

CVE-2008-5364

Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2008-4817.

9.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.securityfocus.com/bid/32105
http://www.adobe.com/support/security/bulletins/apsb08-19.html Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=754
http://www.vupen.com/english/advisories/2008/3002 Vendor Advisory
Configurations

Configuration 1
Information

Published : 2008-12-08 11:30

Updated : 2010-10-25 04:00

NVD link : CVE-2008-5364

Mitre link : CVE-2008-5364

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer