CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
97.2%
Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Audio CD Burner 1.02, (3) CinematicMP3 1.4.0.0, (4) Alive MP3 WAV Converter 3.9.3.2, and possibly other products, allow remote attackers to execute arbitrary code via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
alivemedia | alive_mp3_wav_converter | 3.9.3.2 | cpe:2.3:a:alivemedia:alive_mp3_wav_converter:3.9.3.2:*:*:*:*:*:*:* |
online_media_technologies | nctaudioeditor_activex_control | * | cpe:2.3:a:online_media_technologies:nctaudioeditor_activex_control:*:*:*:*:*:*:*:* |
online_media_technologies | nctaudiostudio_activex_control | * | cpe:2.3:a:online_media_technologies:nctaudiostudio_activex_control:*:*:*:*:*:*:*:* |
orion_studios | cinematicmp3 | 1.4.0.0 | cpe:2.3:a:orion_studios:cinematicmp3:1.4.0.0:*:*:*:*:*:*:* |
ussun | power_audio_cd_burner | 1.02 | cpe:2.3:a:ussun:power_audio_cd_burner:1.02:*:*:*:*:*:*:* |
ussun | power_audio_cd_grabber | 1.0 | cpe:2.3:a:ussun:power_audio_cd_grabber:1.0:*:*:*:*:*:*:* |
secunia.com/advisories/30395
secunia.com/advisories/30415
secunia.com/advisories/30418
secunia.com/advisories/30419
secunia.com/advisories/30421
secunia.com/advisories/30445
secunia.com/advisories/30451
secunia.com/advisories/30452
secunia.com/advisories/30453
secunia.com/advisories/30454
secunia.com/advisories/30456
secunia.com/advisories/30457
secunia.com/advisories/30458
www.kb.cert.org/vuls/id/669265
www.vupen.com/english/advisories/2008/1669
exchange.xforce.ibmcloud.com/vulnerabilities/42680