CVE-2008-4771
published 2008-10-28CVE-2008-4771: Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM…
PriorityP345critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
7.14%
93.5th percentile
Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 4xem | vatctrl_class | — | — |
| 4xem | vatctrl_class | — | — |
| d-link | mpeg4_shm_audio_control | — | — |
| vivotek | rtsp_mpeg4_sp_control | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/42378http://osvdb.org/43007http://secunia.com/advisories/29131http://secunia.com/advisories/29145http://secunia.com/advisories/29146http://securityreason.com/securityalert/4517http://www.securityfocus.com/bid/28010http://www.vupen.com/english/advisories/2008/0685/referenceshttp://www.vupen.com/english/advisories/2008/0686/referenceshttp://www.vupen.com/english/advisories/2008/0687/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/40863https://exchange.xforce.ibmcloud.com/vulnerabilities/40864https://exchange.xforce.ibmcloud.com/vulnerabilities/40867https://www.exploit-db.com/exploits/5193http://osvdb.org/42378http://osvdb.org/43007http://secunia.com/advisories/29131http://secunia.com/advisories/29145http://secunia.com/advisories/29146http://securityreason.com/securityalert/4517http://www.securityfocus.com/bid/28010http://www.vupen.com/english/advisories/2008/0685/referenceshttp://www.vupen.com/english/advisories/2008/0686/referenceshttp://www.vupen.com/english/advisories/2008/0687/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/40863https://exchange.xforce.ibmcloud.com/vulnerabilities/40864https://exchange.xforce.ibmcloud.com/vulnerabilities/40867https://www.exploit-db.com/exploits/5193
2008-10-28
Published