Lucene search

[email protected]CVE-2009-4219

HistoryDec 07, 2009 - 5:30 p.m.

CVE-2009-4219

2009-12-0717:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-4219

stack-based buffer overflow

myactivex

activex control

myactivex.ocx

remote code execution

haihaisoft universal player

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.156 Low

EPSS

Percentile

96.0%

JSON

Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX control in MyActiveX.ocx 1.4.8.0 in Haihaisoft Universal Player allows remote attackers to execute arbitrary code via a long URL property value. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

haihaisofthaihaisoft_universal_playerMatch1.4.8.0

CPENameOperatorVersion
haihaisoft:haihaisoft_universal_playerhaihaisoft haihaisoft universal playereq1.4.8.0

CPE	Name	Operator	Version
haihaisoft:haihaisoft_universal_player	haihaisoft haihaisoft universal player	eq	1.4.8.0

References

secunia.com/advisories/37509

www.securityfocus.com/bid/82346

www.shinnai.net/exploits/ZzLsi6TIfSuVPh1kPHmP.txt

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.156 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2009-4219

cvelist1 nvd1 prion1