CVSS: 9.3EPSS: 66%CPEs: 2EXPL: 2CVE-2008-4922 – DjVu - 'DjVu_ActiveX_MSOffice.dll' ActiveX Component Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-4922
Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties. Desbordamiento del búfer en el control ActiveX DjVu v3.0 para Microsoft Office (DjVu_ActiveX_MSOffice.dll) permite a atacantes remotos ejecutar código de su elección a través de un propiedad larga (1) ImageURL y puede que las propiedades (2) Mode, (3) Page, o Zoom. • https://www.exploit-db.com/exploits/16638 https://www.exploit-db.com/exploits/6878 http://securityreason.com/securityalert/4560 http://www.securityfocus.com/bid/31987 http://www.vupen.com/english/advisories/2008/2956 https://exchange.xforce.ibmcloud.com/vulnerabilities/46214 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •