8.7 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.816 High
EPSS
Percentile
98.3%
Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property.
CPE | Name | Operator | Version |
---|---|---|---|
interactual_player | eq | 2.60.12.0717 | |
windvd | eq | 7.0.27.172 | |
cineplayer | eq | 3.2 |
osvdb.org/34314
osvdb.org/34315
secunia.com/advisories/23032
secunia.com/advisories/23075
secunia.com/advisories/24556
secunia.com/secunia_research/2007-37/advisory/
www.kb.cert.org/vuls/id/922969
www.securityfocus.com/archive/1/463405/100/0/threaded
www.securityfocus.com/bid/23071
www.vupen.com/english/advisories/2007/1042
www.vupen.com/english/advisories/2007/1043
exchange.xforce.ibmcloud.com/vulnerabilities/33186