CVE-2008-4771
Last modified
CVE-2008-4771 is a vulnerability of currently unknown severity. Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information.. EPSS estimates a 7.14% chance of exploitation in the next 30 days.
Description
Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| 4xem | Vatctrl Class | 1.0.0.27 |
| 4xem | Vatctrl Class | 1.0.0.51 |
| D-Link | Mpeg4 Shm Audio Control | 1.7.0.5 |
| Vivotek | Rtsp Mpeg4 Sp Control | 2.0.0.39 |
References
- http://secunia.com/advisories/29131Vendor Advisory
- http://secunia.com/advisories/29145Vendor Advisory
- http://secunia.com/advisories/29146Vendor Advisory
- http://secunia.com/advisories/29131Vendor Advisory
- http://secunia.com/advisories/29145Vendor Advisory
- http://secunia.com/advisories/29146Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-4771?
How severe is CVE-2008-4771?
How do I fix CVE-2008-4771?
Are you affected by CVE-2008-4771?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST