Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-4827

Multiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 2008, TSC2 Help Desk 4.1.8, SAP GUI 6.40 Patch 29 and 7.10, and possibly other products, allow remote attackers to execute arbitrary code by adding many tabs, or adding tabs with long tab captions.

Published

2009-01-08T19:30:11.063

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 9.3 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	componentone	sizerone	8.0.20081.140	Yes
Application	sap	sap_gui	6.40	Yes
Application	sap	sap_gui	7.10	Yes
Application	sap	tabone	7.0.0.16	Yes
Application	servantix	tsc2_help_desk	4.18	Yes

References

http://secunia.com/advisories/32609 Vendor Advisory ([email protected])
http://secunia.com/advisories/32648 Vendor Advisory ([email protected])
http://secunia.com/advisories/32672 Vendor Advisory ([email protected])
http://secunia.com/secunia_research/2008-52/ Vendor Advisory ([email protected])
http://secunia.com/secunia_research/2008-53/ Vendor Advisory ([email protected])
http://secunia.com/secunia_research/2008-54/ Vendor Advisory ([email protected])
http://securityreason.com/securityalert/4879 ([email protected])
http://securitytracker.com/id?1021529 ([email protected])
http://www.securityfocus.com/archive/1/499830/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/33148 ([email protected])
http://www.vupen.com/english/advisories/2009/0036 ([email protected])
http://www.vupen.com/english/advisories/2009/0037 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/47769 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/47770 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/47771 ([email protected])
http://secunia.com/advisories/32609 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32648 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32672 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/secunia_research/2008-52/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/secunia_research/2008-53/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/secunia_research/2008-54/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/4879 (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1021529 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/499830/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/33148 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/0036 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/0037 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47769 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47770 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47771 (af854a3a-2127-422b-91ae-364da2661108)