CVE Vulnerability

CVE-2008-0956

Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via unspecified vectors.

9.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://backweb.com/news_events/press_releases/051608.php
http://www.us-cert.gov/cas/techalerts/TA08-162B.html US Government Resource
http://www.kb.cert.org/vuls/id/216153 Patch US Government Resource
http://www.securityfocus.com/bid/29558
http://secunia.com/advisories/30598 Vendor Advisory
http://secunia.com/advisories/30625 Vendor Advisory
http://marc.info/?l=bugtraq&m=121380194923597&w=2
http://www.vupen.com/english/advisories/2008/1791
http://www.vupen.com/english/advisories/2008/1792
https://exchange.xforce.ibmcloud.com/vulnerabilities/42991
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032
Configurations

Configuration 1

cpe:2.3:a:logitech:desktop_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:backweb:backweb:*:*:*:*:*:*:*:*
Information

Published : 2008-06-12 02:32

Updated : 2018-10-12 09:45

NVD link : CVE-2008-0956

Mitre link : CVE-2008-0956

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer