3 matches found
Ubisoft Uplay 2.0.3 ActiveX Control Arbitrary Code Execution (CVE-2012-4177)
A remote code execution vulnerability exists in Ubisoft Uplay 2.0.3. The vulnerability is due to insufficient verification of a command path parameter value when parsing a Uplay ActiveX object. A remote attacker can exploit this vulnerability by enticing a user to open a webpage that contains a...
CVE-2012-4177
creationtimestamp| type| source ---|---|--- 2012-08-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/20321 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ubisoftuplaycmdexec.rb 2025-02-06 03:13:40+00:00...
CVE-2012-4177
The CVE-2012-4177 issue affects Ubisoft Uplay PC before 2.0.4, arising from the web browser plugin’s handling of the -orbit_exe_path argument. A remote, unauthenticated attacker could lure a user to a crafted webpage to trigger arbitrary code execution via the ActiveX/plugin, as documented by mul...