Name:
Sony.ImageStation.SetLogging.ActiveX.Control.Buffe
Released Date:
Feb 11 2008
Severity:
critical
CVE:
2008-0748
Bugtraq:
27715

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
This indicates an attempt to exploit a buffer overflow vulnerability in Sony's ImageStation AxRUploadServer ActiveX Control.

The vulnerability can be exploited by passing an overly long string to the "SetLogging()" method. As a result an attacker can execute arbitrary commands on a victim's computer.
 
Impact
System Compromise: remote arbitrary command execution.
 
Affected Products
Sony ImageStation AxRUploadServer.dll version 1.0.0.38
Aliases
Sony.ImageStation.SetLogging.ActiveX.Control.Buffer.Overflow
References
http://www.securityfocus.com/bid/27715
http://www.frsirt.com/english/advisories/2008/0483
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0748
http://milw0rm.org/exploits/5100
Recommended Actions
Update to the latest version when it becomes available.

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED