Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2008-4729

Published: 24/10/2008 Updated: 29/09/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Hummingbird

Vulnerability Summary

Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and previous versions allows remote malicious users to execute arbitrary code via a long PlainTextPassword property. NOTE: code execution might not be possible in 13.0.

Vulnerable Product Search on Vulmon Subscribe to Product

hummingbird exceed

hummingbird exceed 9.0

hummingbird exceed 10.0

hummingbird exceed powersuite

hummingbird exceed 2007

hummingbird exceed 2006

Exploits

Exploit DB: Hummingbird 13.0 - ActiveX Remote Buffer Overflow (PoC)
<html> <!-- the latest version of this activex (130) is compiled with /gs, earlier versions aren't The XXXX would have overwritten return address by thomaspollet@gmailcom --> <object classid='clsid:FFB6CC68-702D-4FE2-A8E7-4DE23835F0D2' id='target' ></object> <script language='vbscript'> arg1="0011012201230124 ...

References

CWE-119http://secunia.com/advisories/32319http://securityreason.com/securityalert/4505http://www.securityfocus.com/bid/31783https://exchange.xforce.ibmcloud.com/vulnerabilities/45941https://www.exploit-db.com/exploits/6761https://nvd.nist.govhttps://www.exploit-db.com/exploits/6761/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook