What is CVE-2008-1472?

CVE-2008-1472 is a vulnerability in N/a. Published 2008-03-24.

Is CVE-2008-1472 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-1472

Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11…

EPSS: 0.763 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

28268 (vdb-entry, x_refsource_BID)
ADV-2008-0902 (vdb-entry, x_refsource_VUPEN)
29408 (x_refsource_SECUNIA, third-party-advisory)
5264 (exploit, x_refsource_EXPLOIT-DB)
ca-arcserve-listctrl-bo(41225) (vdb-entry, x_refsource_XF)
20080320 Note about recently publicized CA BrightStor ActiveX exploit code (mailing-list, x_refsource_BUGTRAQ)
1019617 (vdb-entry, x_refsource_SECTRACK)
20080328 CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability (mailing-list, x_refsource_BUGTRAQ)
community.ca.com/blogs/casecurityresponseblog/archive/2008/3/28.aspx (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2008-1472?: CVE-2008-1472 is a vulnerability in N/a. Published 2008-03-24.
Is CVE-2008-1472 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.