OSVDB ID: 49791

Title: ooVoo oovoo.exe URI Handler Command Line Argument Overflow

Info

Disclosure

Nov 11, 2008

Discovery

Unknown

Dates

Exploit

Nov 11, 2008

Solution

Unknown

Description

Classification

Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public
Disclosure: Vendor Verified

Solution

Upgrade to version 1.7.1.59 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

CVE ID: 2008-6953 (see also: NVD)
Bugtraq ID: 32251
Secunia Advisory ID: 32698
ISS X-Force ID: 46549
Exploit Database: 7090
Milw0rm: 7090
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2008-11/0082.html
http://archives.neohapsis.com/archives/bugtraq/2008-12/0171.html
Other Advisory URL: http://retrogod.altervista.org/9sg_oovoo_url_poc.html
http://www.vupen.com/english/advisories/2008/3124

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/49791