← back
CVE-2008-1886

CVE-2008-1886

EPSS 6.7%
The NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be used by arbitrary web sites to host exploit code that targets this control.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/5397unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/bugtraq/2008/Apr/0065.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41933https://www.exploit-db.com/exploits/5397http://www.securityfocus.com/bid/28666