Lucene search

[email protected]CVE-2011-1065

HistoryFeb 23, 2011 - 1:00 a.m.

CVE-2011-1065

2011-02-2301:00:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-1065

pipiwebplayer

activex control

buffer overflows

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.074 Low

EPSS

Percentile

94.1%

JSON

Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) PlayURL or (2) PlayURLWithLocalPlayer methods.

Affected configurations

NVD

Node

pipipipi_playerMatch2.8.0.0

CPENameOperatorVersion
pipi:pipi_playerpipi pipi playereq2.8.0.0

CPE	Name	Operator	Version
pipi:pipi_player	pipi pipi player	eq	2.8.0.0

References

secunia.com/advisories/43394

www.securityfocus.com/bid/46468

www.wooyun.org/bugs/wooyun-2010-01382

www.wooyun.org/bugs/wooyun-2010-01383

exchange.xforce.ibmcloud.com/vulnerabilities/65537

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.074 Low

EPSS

Percentile

94.1%

JSON

Related for CVE-2011-1065

prion1 nvd1 openvas2 cvelist1