What is CVE-2008-2551?

CVE-2008-2551 is a vulnerability in N/a. Published 2008-06-04.

Is CVE-2008-2551 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-2551

The DownloaderActiveX Control (DownloaderActiveX.ocx) in Icona SpA C6 Messenger 1.0.0.1 allows remote attackers to force the download and execution of arbitrary files via a URL in the propDownloadUrl parameter with the propPostDownloadActi…

EPSS: 0.851 (99.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

ADV-2008-1733 (vdb-entry, x_refsource_VUPEN)
3926 (x_refsource_SREASON, third-party-advisory)
30512 (x_refsource_SECUNIA, third-party-advisory)
29519 (vdb-entry, x_refsource_BID)
20080603 [NSG 03-06-2008] C6 Messenger Installation Url DownloaderActiveX Control Remote Download & Execute Exploit (mailing-list, x_refsource_BUGTRAQ)
iconaspa-downloaderactivex-code-execution(42825) (vdb-entry, x_refsource_XF)
5732 (exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2008-2551?: CVE-2008-2551 is a vulnerability in N/a. Published 2008-06-04.
Is CVE-2008-2551 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.