CVE-2008-0437

CVE Database · CVE-2008-0437

CVE-2008-0437

· N/AModified

CVSS v3.1

N/A

EPSS

58.08%

Published

Jan 23, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBHP Virtual Rooms WebHPVCInstall Control - Remote Buffer Overflow TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information.

Weaknesses (CWE)

CWE-119

Affected Products (2)

hp · virtual_roomsvulnerable

microsoft · activexvulnerable

References (12)

http://marc.info/?l=full-disclosure&m=120098751528333&w=2

http://secunia.com/advisories/28595

Vendor Advisory

http://www.securityfocus.com/bid/27384

http://www.vupen.com/english/advisories/2008/0236

https://exchange.xforce.ibmcloud.com/vulnerabilities/39836