CVE-2008-0437

Currently unrated

Key Information:

Vendor: HP
Status: Virtual Rooms; Activex
Vendor: CVE Published:; 23 January 2008

Summary

Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/39836

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/27384

vdb-entryx_refsource_BID

http://secunia.com/advisories/28595

third-party-advisoryx_refsource_SECUNIA

EPSS Score

42% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 23, 2008
Vulnerability Reserved
Jan 23, 2008