返回 CVE 浏览器

CVE-2008-0443

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1050%

EPSS Percentile15.46th

Published2008年1月25日

Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Module allows remote attackers to execute arbitrary code via a long HandwriterFilename property value. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

📦

Lycos

Fileuploader.dll

= 2.0.2

References & Advisories

🔗 http://secunia.com/advisories/28599

🔗 http://www.securityfocus.com/bid/27411

🔗 http://www.vupen.com/english/advisories/2008/0253

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/39849

🔗 https://www.exploit-db.com/exploits/4967

🔗 http://secunia.com/advisories/28599

🔗 http://www.securityfocus.com/bid/27411

🔗 http://www.vupen.com/english/advisories/2008/0253

相关漏洞威胁

CVE-2008-535510.0

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1...

CVE-2008-034310.0

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has u...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...

CVE-2008-034410.0

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote a...