9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.611 Medium
EPSS
Percentile
97.8%
Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.
CPE | Name | Operator | Version |
---|---|---|---|
iseemedia:lpviewer | iseemedia lpviewer | eq | * |
mgi_software:lpviewer | mgi software lpviewer | eq | * |
roxio:lpviewer | roxio lpviewer | eq | * |