CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2008-1307

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1850%
EPSS Percentile33.84th
Published2008年3月12日
Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method.

Affected Platforms (CPE)

📦
Kingsoft

Antivirus Online Update Module

= 2007.12.29.29

References & Advisories

🔗 http://secunia.com/advisories/29204
🔗 http://www.securityfocus.com/bid/28172
🔗 http://www.vupen.com/english/advisories/2008/0857/references
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/41088
🔗 https://www.exploit-db.com/exploits/5225
🔗 http://secunia.com/advisories/29204
🔗 http://www.securityfocus.com/bid/28172
🔗 http://www.vupen.com/english/advisories/2008/0857/references

相關漏洞威脅

CVE-2008-602110.0

Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown imp...

CVE-2008-600510.0

Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 1...

CVE-2008-598210.0

Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string ...

CVE-2008-428310.0

CRLF injection vulnerability in the WebContainer component in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.1.x ve...