Gracenote CDDBControl ActiveX Control 'ViewProfile' Method Heap Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37834/info Gracenote CDDBControl is prone to a stack-based buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input. An attacker can exploit this issue to execute...

Gracenote CDDBControl - ActiveX Control 'ViewProfile' Method Heap Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/37834/info Gracenote CDDBControl is prone to a stack-based buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of th...

Gracenote CDDBControl - ActiveX Control ViewProfile Method Heap Buffer Overflow (PoC)

Gracenote CDDBControl - ActiveX Control ViewProfile Method Heap Buffer Overflow PoC source: https://www.securityfocus.com/bid/37834/info Gracenote CDDBControl is prone to a stack-based buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied inpu...

CVE-2007-0443

Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters...

Buffer overflow

Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters...

CVE-2007-0443

Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters...

CVE-2007-0443

The CVE-2007-0443 issue affects GraceNote’s CDDBControl ActiveX Control. The vulnerability is a buffer overflow in the ActiveX proxy-configuration parameters when long strings are supplied, which can allow remote code execution on affected Windows hosts. Exploitation requires the user to visit a ...

GraceNote CDDBControl ActiveX buffer overflow

Buffer overflow on oversized proxy configuration paramters...

ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability

ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-021.html April 19, 2007 -- CVE ID: CVE-2007-0443 -- Affected Vendor: GraceNote -- Affected Products: CDDBControl ActiveX Control -- TippingPointTM IPS Customer Protection:...

GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of GraceNote's CDDBControl ActiveX Control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to a buffer overflow in an...

AOL CDDBControl ActiveX控件缓冲区溢出漏洞

AOL是一款流行的即时通信软件。 AOL Client Software处理"CDDBControlAOL.CDDBAOLControl" ActiveX控件存在问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 当"CDDBControlAOL.CDDBAOLControl" ActiveX控件cddbcontrol.dll处理传递个"SetClientInfo"函数方法的"ClientId"参数时缺少正确的边界错误，提交超长字符串可发生基于堆栈的缓冲区溢出，精心构建参数数据可导致以应用程序进程权限执行任意指令。 AOL Client Software 9.0 Securit...

[SA23043] AOL CDDBControl ActiveX Control "SetClientInfo()" Buffer Overflow

TITLE: AOL CDDBControl ActiveX Control "SetClientInfo" Buffer Overflow SECUNIA ADVISORY ID: SA23043 VERIFY ADVISORY: http://secunia.com/advisories/23043/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: AOL 9.x http://secunia.com/product/6840/ AOL 8.x...

Gracenote CDDBControl ActiveX Control Option String Overflow

The Windows remote host contains the Gracenote CDDBControl ActiveX control, which is used by various products, including AOL's software, to lookup CD information in the Gracenote CDDB and is commonly marked as safe for scripting. The version of this ActiveX control on the remote host reportedly...

CVE-2006-3134

Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string...

CVE-2006-3134

CVE-2006-3134 concerns the GraceNote CDDBControl ActiveX control. The vulnerability is a buffer overflow in the CDDB ActiveX object triggered by a long option string, allowing a remote attacker to execute arbitrary code on systems where the control is present. Affected vendors include AOL, Gracen...

CVE-2006-3134

Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string...