PPMate PPMedia Class ActiveX Control Remote Buffer Overflow Vulnerability
BID:30246
Info
PPMate PPMedia Class ActiveX Control Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 30246 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2008-3242 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 16 2008 12:00AM |
| Updated: | May 07 2015 05:27PM |
| Credit: | Parvez Anwar. |
| Vulnerable: |
PPMate PPMate 2.3.1 .93 |
| Not Vulnerable: | |
Discussion
PPMate PPMedia Class ActiveX Control Remote Buffer Overflow Vulnerability
PPMate PPMedia Class ActiveX control is prone to a heap-based buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
PPMate 2.3.1.93 is vulnerable to this issue; other versions may also be affected.
PPMate PPMedia Class ActiveX control is prone to a heap-based buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
PPMate 2.3.1.93 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
PPMate PPMedia Class ActiveX Control Remote Buffer Overflow Vulnerability
To exploit this issue, an attacker must entice an unsuspecting user to view a malicious webpage.
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
To exploit this issue, an attacker must entice an unsuspecting user to view a malicious webpage.
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
PPMate PPMedia Class ActiveX Control Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
PPMate PPMedia Class ActiveX Control Remote Buffer Overflow Vulnerability
References:
References:
- Microsoft Knowledge Base Article 240797 (Microsoft)
- PPMate Homepage (PPMate)