3 matches found
UUSee UUPlayer ActiveX Control Multiple Remote Code Execution Vulnerabilities
This host is installed with UUSee UUPlayer and is prone to multiple remote code execution vulnerabilities. OpenVAS Vulnerability Test $Id: secpoduuseeuuplayeractivexmultcodeexecvuln.nasl 5367 2017-02-20 14:16:52Z cfi $ UUSee UUPlayer ActiveX Control Multiple Remote Code Execution Vulnerabilities...
CVE-2011-2590
CVE-2011-2590 affects UUSee UUPlayer ActiveX Control 6.0.0.1 (UUSee 2010 6.11.0609.2). The Play() method allows remote code execution by passing a UNC path in the MPlayerPath parameter, enabling application-context execution. OpenVAS entries also describe multiple remote code execution vulnerabil...
UUSee UUPlayer ActiveX控件多个远程代码执行漏洞
Bugtraq ID: 48975 CVE ID:CVE-2011-2589 CVE-2011-2590 UUSee是一款集P2P直播点播于一身的网络电视软件。 UUSee存在两个安全漏洞,允许攻击者以应用程序上下文执行任意代码。 -当处理"SendLogAction"方法时UUPlayer ActiveX控件存在边界错误,通过提交超长参数可触发基于堆的缓冲区溢出。 -当处理"Play"方法时UUPlayer ActiveX控件存在输入验证错误,向"MPlayerPath"参数传递UNC路径可以应用程序上下文执行任意程序。 UUSee UUPlayer 6.0.0.1 厂商解决方案...