UUSee UUPlayer ActiveX Control Multiple Remote Code Execution Vulnerabilities

This host is installed with UUSee UUPlayer and is prone to multiple remote code execution vulnerabilities. OpenVAS Vulnerability Test $Id: secpoduuseeuuplayeractivexmultcodeexecvuln.nasl 5367 2017-02-20 14:16:52Z cfi $ UUSee UUPlayer ActiveX Control Multiple Remote Code Execution Vulnerabilities...

CVE-2011-2589

Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 might allow remote attackers to execute arbitrary code via a long argument...

CVE-2011-2589

UUSee UUPlayer ActiveX Control in UUSee 2010 6.11.0609.2 has a heap-based buffer overflow in SendLogAction of the ActiveX control (version 6.0.0.1) that may allow remote code execution. Connected OpenVAS entries corroborate multiple remote code execution vulnerabilities in UUPlayer, but do not sp...

CVE-2011-2589

Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 might allow remote attackers to execute arbitrary code via a long argument...

UUSee UUPlayer ActiveX控件多个远程代码执行漏洞

Bugtraq ID: 48975 CVE ID：CVE-2011-2589 CVE-2011-2590 UUSee是一款集P2P直播点播于一身的网络电视软件。 UUSee存在两个安全漏洞，允许攻击者以应用程序上下文执行任意代码。 -当处理"SendLogAction"方法时UUPlayer ActiveX控件存在边界错误，通过提交超长参数可触发基于堆的缓冲区溢出。 -当处理"Play"方法时UUPlayer ActiveX控件存在输入验证错误，向"MPlayerPath"参数传递UNC路径可以应用程序上下文执行任意程序。 UUSee UUPlayer 6.0.0.1 厂商解决方案...