Unrated severityNVD Advisory· Published Apr 8, 2008· Updated Jun 16, 2026
CVE-2008-1617
CVE-2008-1617
Description
Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:interwoven:worksite_web:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:interwoven:worksite_web:*:*:*:*:*:*:*:*range: <=8.2
- (no CPE)range: < SP1 P2
- Range: = 8,2,1,4
Patches
Vulnerability mechanics
References
5- www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdfnvdExploit
- www.securityfocus.com/bid/28628nvdExploit
- secunia.com/advisories/29733nvdVendor Advisory
- www.vupen.com/english/advisories/2008/1134/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41699nvd
News mentions
0No linked articles in our index yet.