What is CVE-2008-4255?

CVE-2008-4255 is a vulnerability in N/a. Published 2008-12-10.

Is CVE-2008-4255 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-4255

Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and…

EPSS: 0.657 (98.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

32613 (vdb-entry, x_refsource_BID)
ADV-2008-3382 (vdb-entry, x_refsource_VUPEN)
www.zerodayinitiative.com/advisories/ZDI-08-083/ (x_refsource_MISC)
www.zerodayinitiative.com/advisories/ZDI-08-083 (x_refsource_MISC)
1021369 (vdb-entry, x_refsource_SECTRACK)
MS08-070 (x_refsource_MS, vendor-advisory)
oval:org.mitre.oval:def:6032 (x_refsource_OVAL, signature, vdb-entry)
support.avaya.com/elmodocs2/security/ASA-2008-473.htm (x_refsource_CONFIRM)
TA08-344A (x_refsource_CERT, third-party-advisory)
20081209 ZDI-08-083: Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2008-4255?: CVE-2008-4255 is a vulnerability in N/a. Published 2008-12-10.
Is CVE-2008-4255 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.