CVE-2008-4827

N/A Unknown

Published: January 08, 2009 Modified: April 23, 2026

Description

Multiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 2008, TSC2 Help Desk 4.1.8, SAP GUI 6.40 Patch 29 and 7.10, and possibly other products, allow remote attackers to execute arbitrary code by adding many tabs, or adding tabs with long tab captions.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/32609

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://secunia.com/advisories/32648

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://secunia.com/advisories/32672

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://secunia.com/secunia_research/2008-52/

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://secunia.com/secunia_research/2008-53/

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://secunia.com/secunia_research/2008-54/

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://securityreason.com/securityalert/4879

Source: PSIRT-CNA@flexerasoftware.com

http://securitytracker.com/id?1021529

Source: PSIRT-CNA@flexerasoftware.com

http://www.securityfocus.com/archive/1/499830/100/0/threaded

Source: PSIRT-CNA@flexerasoftware.com

http://www.securityfocus.com/bid/33148

Source: PSIRT-CNA@flexerasoftware.com

http://www.vupen.com/english/advisories/2009/0036

Source: PSIRT-CNA@flexerasoftware.com

http://www.vupen.com/english/advisories/2009/0037

Source: PSIRT-CNA@flexerasoftware.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/47769

Source: PSIRT-CNA@flexerasoftware.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/47770

Source: PSIRT-CNA@flexerasoftware.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/47771

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/32609

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/32648

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/32672

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/secunia_research/2008-52/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/secunia_research/2008-53/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/secunia_research/2008-54/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/4879

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1021529

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/499830/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/33148

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/0036

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/0037

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/47769

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/47770

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/47771

Source: af854a3a-2127-422b-91ae-364da2661108

30 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

20.5%

96th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

sap componentone servantix

Related CVEs

CVE-2026-41907 N/A

CVE-2026-41894 N/A

CVE-2026-41492 9.8

CVE-2026-41421 8.8

CVE-2026-41419 7.6