CVE-2008-3702

Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1.12 and 2.47, as used in products such as SpeedBit Download Accelerator Plus (DAP) 8.6, allow remote attackers to execute arbitrary code via a long argument to the (1) ReadGIF or (2) ReadGIF2 method.

Published: Aug 15, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3702
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
jcomsoft / anigif	2.47	2.47.x
jcomsoft / anigif	1.12	1.12.x
speedbit / download_accelerator_plus	8.6	8.6.x

http://securityreason.com/securityalert/4159
http://www.securityfocus.com/bid/30621
https://exchange.xforce.ibmcloud.com/vulnerabilities/44412
https://www.exploit-db.com/exploits/6216

Vulnerability Database

289,871

CVE-2008-3702