Unrated severityNVD Advisory· Published Jan 23, 2008· Updated Apr 23, 2026

CVE-2008-0437

Description

Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information.

Affected products

HP/Virtual Rooms
cpe:2.3:a:hp:virtual_rooms:1.0.0.100:*:*:*:*:*:*:*
Microsoft/Activex
cpe:2.3:a:microsoft:activex:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/28595nvdVendor Advisory
marc.infonvd
www.securityfocus.com/bid/27384nvd
www.vupen.com/english/advisories/2008/0236nvd
exchange.xforce.ibmcloud.com/vulnerabilities/39836nvd
www.exploit-db.com/exploits/4959nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.026
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000