CVE-2008-0477
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-0477
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in the QMPUpgrade.Upgrade.1 ActiveX control in QMPUpgrade.dll 1.0.0.1 in Move Networks Upgrade Manager allows remote attackers to execute arbitrary code via a long first argument to the Upgrade method. NOTE: some of these details are obtained from third party information.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Move Networks QMPUpgrade.dll控件栈溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Move Networks Media Player是一款网络流媒体播放器。 Move Networks的ActiveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 Move Networks所安装的QMPUpgrade.Upgrade.1 ActiveX控件(QMPUpgrade.dll)没有正确地处理传送给Upgrade()函数的参数,如果用户受骗访问了恶意网页并向该方式传送了超长参数的话,就可能触发栈溢出,导致执行任意指令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-0477
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-0477
Please Login to view more intelligence information
Same Patch Batch · n/a · 2008-01-29 · 20 CVEs total
| CVE-2008-0471 | phpBB 'privmsg.php'跨站请求伪造漏洞 | |
| CVE-2008-0481 | WEB Wiz Rich Text Editor 'RTE_file_browser.asp'目录遍历漏洞 | |
| CVE-2008-0480 | Web Wiz Products 多个目录遍历漏洞 | |
| CVE-2008-0479 | Web Wiz NewsPad 'RTE_file_browser.asp'目录遍历漏洞 | |
| CVE-2008-0478 | SetCMS 'index.php'目录遍历漏洞 | |
| CVE-2008-0476 | ManageEngine Applications Manager 远程文件验证漏洞 | |
| CVE-2008-0475 | ManageEngine Applications Manager 敏感信息泄露漏洞 | |
| CVE-2008-0474 | ManageEngine Applications Manager 多个跨站脚本漏洞 | |
| CVE-2008-0473 | WEB Wiz Rich Text Editor 'RTE_popup_save_file.asp'输入验证漏洞 | |
| CVE-2008-0472 | woltlab burning_board 'modcp.php'跨站请求伪造漏洞 | |
| CVE-2008-0174 | GE Fanuc Proficy Real-Time Information Portal敏感信息泄露漏洞 | |
| CVE-2008-0470 | Comodo AntiVirus ActiveX控件任意命令执行漏洞 | |
| CVE-2008-0469 | Tiger Php News System 'index.php' SQL注入漏洞 | |
| CVE-2008-0468 | Flinx 'category.php' SQL注入漏洞 | |
| CVE-2007-6694 | Linux Kernel PowerPC chrp_show_cpuinfo函数空指针引用漏洞 | |
| CVE-2008-0467 | Firebird 远程栈缓冲区溢出漏洞 | |
| CVE-2008-0387 | Firebird数据库多个整数溢出漏洞 | |
| CVE-2008-0176 | GE Fanuc CIMPLICITY HMI SCADA 'w32rtr.exe' 远程堆缓冲区溢出漏洞 | |
| CVE-2008-0175 | GE Fanuc Proficy Real-Time Information Portal远程代码执行漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2008-0477
No comments yet