CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0443

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1050%
EPSS Percentile15.46th
PublishedJan 25, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Module allows remote attackers to execute arbitrary code via a long HandwriterFilename property value. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Lycos

Fileuploader.dll

= 2.0.2

References & Advisories

πŸ”— http://secunia.com/advisories/28599
πŸ”— http://www.securityfocus.com/bid/27411
πŸ”— http://www.vupen.com/english/advisories/2008/0253
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/39849
πŸ”— https://www.exploit-db.com/exploits/4967
πŸ”— http://secunia.com/advisories/28599
πŸ”— http://www.securityfocus.com/bid/27411
πŸ”— http://www.vupen.com/english/advisories/2008/0253

Related Vulnerabilities

CVE-2008-540310.0

Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbi...

CVE-2008-310710.0

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and J...

CVE-2008-034710.0

Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, a...

CVE-2008-310810.0

Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and ...