CVE-2008-0437 Information

Description

Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100 as used in the installation process for HP Virtual Rooms allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL (2) PortalAPIURL or (3) cabroot property value. NOTE: some of these details are obtained from third party information.

Reference

http://marc.info/?l=full-disclosure&m=120098751528333&w=2 http://secunia.com/advisories/28595 http://www.securityfocus.com/bid/27384 http://www.vupen.com/english/advisories/2008/0236 https://exchange.xforce.ibmcloud.com/vulnerabilities/39836 https://www.exploit-db.com/exploits/4959