Unrated severityNVD Advisory· Published Oct 7, 2008· Updated Apr 23, 2026

CVE-2008-4384

Description

Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.

Affected products

Roxio/Lpviewer3 versions
cpe:2.3:a:iseemedia:lpviewer:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:iseemedia:lpviewer:*:*:*:*:*:*:*:*
- cpe:2.3:a:mgi_software:lpviewer:*:*:*:*:*:*:*:*
- cpe:2.3:a:roxio:lpviewer:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/32140nvdVendor Advisory
www.kb.cert.org/vuls/id/848873nvdUS Government Resource
www.securityfocus.com/bid/31604nvd
www.vupen.com/english/advisories/2008/2749nvd
exchange.xforce.ibmcloud.com/vulnerabilities/45699nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.052
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000