Vulnerabilities > CVE-2008-7053 - Resource Management Errors vulnerability in Logmein Ractrl.Dll

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
logmein
CWE-399
critical
exploit available

Summary

LogMeIn Remote Access Utility ActiveX control (RACtrl.dll) allows remote attackers to cause a denial of service (crash) by setting the fgcolor and bgcolor properties to certain long values that trigger memory corruption.

Vulnerable Configurations

Part Description Count
Application
Logmein
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionLogMeIn Remote Access Utility ActiveX Memory Corruption DoS. CVE-2008-7053. Dos exploit for windows platform
fileexploits/windows/dos/6326.html
idEDB-ID:6326
last seen2016-01-31
modified2008-08-29
platformwindows
port
published2008-08-29
reporterYAG KOHHA
sourcehttps://www.exploit-db.com/download/6326/
titleLogMeIn Remote Access Utility ActiveX Memory Corruption DoS
typedos

Statements

contributorLogMeIn
lastmodified2014-06-18
organizationLogMeIn
statementLogMeIn is aware of the CVE-2008-7053 issue and has resolved it on 9/3/2008. The fix is included in LogMeIn ActiveX Plugin since version 392-G2.”