CVE-2008-3702

JComSoft AniGIF.ocx <2.47 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3702. PoCs published by Guido Landi.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in the `anigif.ocx` ActiveX control (CLSID: 82351441-9094-11D1-A24B-00A0C932C7DF) via the `ReadGIF` method. The PoC crafts a malicious GIF buffer to trigger the overflow, potentially leading to arbitrary code execution in Internet Explorer.

Description

Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1.12 and 2.47, as used in products such as SpeedBit Download Accelerator Plus (DAP) 8.6, allow remote attackers to execute arbitrary code via a long argument to the (1) ReadGIF or (2) ReadGIF2 method.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Guido Landi · htmldoswindows
https://www.exploit-db.com/exploits/6216

This exploit targets a stack-based buffer overflow in the `anigif.ocx` ActiveX control (CLSID: 82351441-9094-11D1-A24B-00A0C932C7DF) via the `ReadGIF` method. The PoC crafts a malicious GIF buffer to trigger the overflow, potentially leading to arbitrary code execution in Internet Explorer.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: anigif.ocx (distributed with Download Accelerator Plus 6.8 and other applications)
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer with the vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/6216
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4159
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30621
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44412

Scores

EPSS 0.0973
EPSS Percentile 94.9%

Details

CWE
CWE-119
Status published
Products (3)
jcomsoft/anigif 1.12
jcomsoft/anigif 2.47
speedbit/download_accelerator_plus 8.6
Published Aug 15, 2008
Tracked Since Feb 18, 2026