ID CVE-2009-1567 Type cve Reporter NVD Modified 2009-12-07T00:00:00
Description
Multiple stack-based buffer overflows in the Lateral Arts Photobox uploader ActiveX control 1.x before 1.3, and 2.2.0.6, allow remote attackers to execute arbitrary code via a long URL string for the (1) LogURL, (2) ConnectURL, (3) SkinURL, (4) AlbumCreateURL, (5) ErrorURL, or (6) httpsinglehost property value.
{"assessment": {"system": "", "name": "", "href": ""}, "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "type": "cve", "viewCount": 0, "bulletinFamily": "NVD", "scanner": [], "edition": 1, "cvelist": ["CVE-2009-1567"], "published": "2009-12-03T12:30:00", "objectVersion": "1.2", "history": [], "title": "CVE-2009-1567", "reporter": "NVD", "hash": "bdd535434fc19d557eaf9a65142b205d19ab5506364bf244afaea2a0603f95f2", "lastseen": "2016-09-03T12:22:18", "id": "CVE-2009-1567", "description": "Multiple stack-based buffer overflows in the Lateral Arts Photobox uploader ActiveX control 1.x before 1.3, and 2.2.0.6, allow remote attackers to execute arbitrary code via a long URL string for the (1) LogURL, (2) ConnectURL, (3) SkinURL, (4) AlbumCreateURL, (5) ErrorURL, or (6) httpsinglehost property value.", "modified": "2009-12-07T00:00:00", "references": ["http://www.securityfocus.com/bid/37187", "http://www.vupen.com/english/advisories/2009/3377", "http://www.securityfocus.com/archive/1/archive/1/508169/100/0/threaded", "http://www.vupen.com/english/advisories/2009/3376"], "cpe": ["cpe:/a:larts:uploader_activex_control:2.2.0.6"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1567", "enchantments": {"vulnersScore": 2.8}}
{"result": {"kaspersky": [{"id": "KLA10241", "type": "kaspersky", "title": "\r KLA10241ACE vulnerability in Lateral Arts Photobox Uploader\t\t\t ", "description": "### *CVSS*:\n9.3\n\n### *Detect date*:\n12/03/2009\n\n### *Severity*:\nCritical\n\n### *Description*:\nA buffer overflow was found in LA Photobox Uploader. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed URL.\n\n### *Affected products*:\nLateral Arts Photobox Uploader 1 versions 1.2 and earlier \nLateral Arts Photobox Uploader 2 version 2.2.0.6\n\n### *Solution*:\nUpdate to latest version\n\n### *Original advisories*:\n[Juniper description](<http://junipercloud.net/security/auto/vulnerabilities/vuln37187.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Photobox Uploader ActiveX Control](<https://threats.kaspersky.com/en/product/Photobox-Uploader-ActiveX-Control/>)\n\n### *CVE-IDS*:\n[CVE-2009-1567](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1567>)", "published": "2009-12-03T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10241", "cvelist": ["CVE-2009-1567"], "lastseen": "2018-03-30T14:10:59"}]}}
