CVSS: 9.3EPSS: 96%CPEs: 10EXPL: 2CVE-2008-4255 – Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2008-4255
Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an "allocation error" and memory corruption, aka "Windows Common AVI Parsing Overflow Vulnerability." Un desbordamiento de búfer en la región heap de la memoria en el archivo mscomct2.ocx (también se conoce como control ActiveX de Windows Common o control ActiveX de Microsoft Animation) en Visual Basic versión 6.0, Visual Studio .NET 2002 SP1 y 2003 SP1, Visual FoxPro versiones 8.0 SP1 y 9.0 SP1 y SP2, y Office Project 2003 SP3 y 2007 Gold y SP1, de Microsoft, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo AVI con una longitud de secuencia diseñada, lo que desencadena un "allocation error" y corrupción de memoria, también se conoce como "Windows Common AVI Parsing Overflow Vulnerability." This vulnerability allows remote attackers to execute arbitrary code through vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the Microsoft Animation ActiveX control MSCOMCT2.OCX. When parsing a malformed AVI file through this control an exploitable heap corruption can occur. • https://www.exploit-db.com/exploits/7431 http://downloads.securityfocus.com/vulnerabilities/exploits/32613.pl http://support.avaya.com/elmodocs2/security/ASA-2008-473.htm http://www.securityfocus.com/archive/1/499061/100/0/threaded http://www.securityfocus.com/bid/32613 http://www.securitytracker.com/id?1021369 http://www.us-cert.gov/cas/techalerts/TA08-344A.html http://www.vupen.com/english/advisories/2008/3382 http://www.zerodayinitiative.com/advisories/ZDI-08-083 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 4%CPEs: 23EXPL: 0CVE-2008-3068
https://notcve.org/view.php?id=CVE-2008-3068
Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension. Microsoft Crypto API 5.131.2600.2180 hasta la 6.0, como las usadas en Outlook, Windows Live Mail, y Office 2007, realiza una lista de revocación de certificado (CRL) utilizando una URL arbitraria de un certificado incluido en (1) mensaje de correo electrónico S/MIME o (2) documento firmado, lo que permite a atacantes remotos conseguir tiempos de lectura y direcciones IP de recipientes, y resultados de escaneo de puerto, a través de un certificado manipulado con una extensión de de una Authority Information Access (AIA). • http://securityreason.com/securityalert/3978 http://www.securityfocus.com/archive/1/493947/100/0/threaded http://www.securityfocus.com/archive/1/494101/100/0/threaded http://www.securityfocus.com/bid/28548 http://www.securitytracker.com/id?1019736 http://www.securitytracker.com/id?1019737 http://www.securitytracker.com/id?1019738 https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt https://www.cynops.de/advisories/AK •