Lucene search
K

4 matches found

seebug.org
seebug.org
added 2009/10/20 12:0 a.m.53 views

UiPlayer UiCheck组件栈溢出漏洞

CVE ID: CVE-2009-2970 UiPlayer网络视频播放软件是联合网视(UITV)公司的视频播放软件。 UiPlayer的安装目录下的UiCheck.dll是一个ActiveX控件,该控件允许在IE中加载。UiCheck.dll提供了一个接口函数 GetUiDllVersion,该函数会把接收到的文件名参数拷贝到一个固定大小的缓冲区,如果文件名超长,就会导致栈溢出。 因为和百度等公司的合作,很多视频播放软件中也集成了UiPlayer,例如百度下吧等。 UiTV UiPlayer UiCheck.dll 1.0.0.6 Baidu BaiduV 临时解决方法:...

9.3CVSS6.4AI score0.03313EPSS
Exploits1
CVE
CVE
added 2009/10/19 7:27 p.m.44 views

CVE-2009-2970

CVE-2009-2970 affects UiTV UiPlayer’s UiCheck.dll (ActiveX) prior to version 1.0.0.7. The GetUiDllVersion function copies the filename parameter into a fixed-size buffer, and long filenames trigger a stack-based buffer overflow. This could allow remote code execution via crafted input delivered t...

9.3CVSS8AI score0.03313EPSS
Exploits1References2Affected Software2
securityvulns
securityvulns
added 2009/10/19 12:0 a.m.45 views

NSFOCUS SA2009-01 : UiTV UiPlayer UiCheck Component Stack Buffer Overflow Vulnerability

NSFOCUS Security Advisory SA2009-01 UiTV UiPlayer UiCheck Component Stack Buffer Overflow Vulnerability Release Date: 2009-10-16 CVE ID: CVE-2009-2970 http://www.nsfocus.com/en/advisories/0901.html Affected system: ============== UiTV UiPlayer UiCheck.dll 1.0.0.6 and prior versions Unaffected...

9.3CVSS0.7AI score0.03313EPSS
Exploits1
Kaspersky
Kaspersky
added 2009/10/19 12:0 a.m.34 views

KLA10374 ACE vulnerability in UiTV UiPlayer

A buffer overflow was found in UiTV UiPlayer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed filename parameter. Original advisories - Related products UiTV-UiPlayer CVE list CVE-2009-2970 critical...

9.3CVSS7.9AI score0.03313EPSS
Exploits1References2
Rows per page
Query Builder