CVE-2008-0634

Description

Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as used in Sejoong Namo ActiveSquare6, allows remote attackers to execute arbitrary code via a long argument to the Install method, a different vulnerability than CVE-2008-0551.

Affected products

• sejoong_namo / activesquare6 – 6
• sejoong_namo / namoinstall.1_activex_control3.0.0.1 – 3.0.0.1

References

• EXPLOIThttps://www.exploit-db.com/exploits/5045
• VENDOR_ADVISORYhttp://secunia.com/advisories/28649
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/40199