CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0437

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1720%
EPSS Percentile8.28th
PublishedJan 23, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Hp

Virtual Rooms

= 1.0.0.100
πŸ“¦
Microsoft

Activex

All versions

References & Advisories

πŸ”— http://marc.info/?l=full-disclosure&m=120098751528333&w=2
πŸ”— http://secunia.com/advisories/28595
πŸ”— http://www.securityfocus.com/bid/27384
πŸ”— http://www.vupen.com/english/advisories/2008/0236
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/39836
πŸ”— https://www.exploit-db.com/exploits/4959
πŸ”— http://marc.info/?l=full-disclosure&m=120098751528333&w=2
πŸ”— http://secunia.com/advisories/28595

Related Vulnerabilities

CVE-2009-020810.0

Unspecified vulnerability in HP Virtual Rooms Client before 7.0.1, when running on Windows, allows remote attackers to execute arb...

CVE-2021-344239.8

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before ve...

CVE-2021-344169.8

The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, ...

CVE-2021-344177.9

The network proxy page on the web portal for the Zoom On-Premise Meeting Connector Controller before version 4.6.365.20210703, Zoo...

CVE-2008-0437 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space