CVE-2008-3702

JComSoft AniGIF.ocx <2.47 - Buffer Overflow

Title source: llm

Description

Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1.12 and 2.47, as used in products such as SpeedBit Download Accelerator Plus (DAP) 8.6, allow remote attackers to execute arbitrary code via a long argument to the (1) ReadGIF or (2) ReadGIF2 method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Guido Landi · htmldoswindows

https://www.exploit-db.com/exploits/6216

View Code ZIP pw:eip

References (4)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6216

[Third Party Advisory] http://securityreason.com/securityalert/4159

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/30621

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/44412

Scores

EPSS 0.0584

EPSS Percentile 90.6%

Details

CWE

CWE-119

Status published

Products (3)

jcomsoft/anigif 1.12

jcomsoft/anigif 2.47

speedbit/download_accelerator_plus 8.6

Published Aug 15, 2008

Tracked Since Feb 18, 2026