14 matches found
EUVD-2011-2572
Malware in sbrugna...
EUVD-2011-2573
Malware in sbrugna...
UUSee UUPlayer ActiveX Control Multiple RCE Vulnerabilities
UUSee UUPlayer is prone to multiple remote code execution vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UUSee UUPlayer ActiveX Control Multiple Remote Code Execution Vulnerabilities
This host is installed with UUSee UUPlayer and is prone to multiple remote code execution vulnerabilities. OpenVAS Vulnerability Test $Id: secpoduuseeuuplayeractivexmultcodeexecvuln.nasl 5367 2017-02-20 14:16:52Z cfi $ UUSee UUPlayer ActiveX Control Multiple Remote Code Execution Vulnerabilities...
Heap overflow
Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 might allow remote attackers to execute arbitrary code via a long argument...
Code injection
The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 allows remote attackers to execute arbitrary programs via a UNC share pathname in the MPlayerPath parameter...
CVE-2011-2590
The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 allows remote attackers to execute arbitrary programs via a UNC share pathname in the MPlayerPath parameter...
CVE-2011-2589
Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 might allow remote attackers to execute arbitrary code via a long argument...
CVE-2011-2589
Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 might allow remote attackers to execute arbitrary code via a long argument...
CVE-2011-2589
UUSee UUPlayer ActiveX Control in UUSee 2010 6.11.0609.2 has a heap-based buffer overflow in SendLogAction of the ActiveX control (version 6.0.0.1) that may allow remote code execution. Connected OpenVAS entries corroborate multiple remote code execution vulnerabilities in UUPlayer, but do not sp...
CVE-2011-2590
The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 allows remote attackers to execute arbitrary programs via a UNC share pathname in the MPlayerPath parameter...
CVE-2011-2590
CVE-2011-2590 affects UUSee UUPlayer ActiveX Control 6.0.0.1 (UUSee 2010 6.11.0609.2). The Play() method allows remote code execution by passing a UNC path in the MPlayerPath parameter, enabling application-context execution. OpenVAS entries also describe multiple remote code execution vulnerabil...
UUSee UUPlayer ActiveX控件多个远程代码执行漏洞
Bugtraq ID: 48975 CVE ID:CVE-2011-2589 CVE-2011-2590 UUSee是一款集P2P直播点播于一身的网络电视软件。 UUSee存在两个安全漏洞,允许攻击者以应用程序上下文执行任意代码。 -当处理"SendLogAction"方法时UUPlayer ActiveX控件存在边界错误,通过提交超长参数可触发基于堆的缓冲区溢出。 -当处理"Play"方法时UUPlayer ActiveX控件存在输入验证错误,向"MPlayerPath"参数传递UNC路径可以应用程序上下文执行任意程序。 UUSee UUPlayer 6.0.0.1 厂商解决方案...
UUSee UUPlayer ActiveX控件"DoCmd()"缓冲区溢出漏洞
UUSee是一款集P2P直播点播于一身的网络电视软件。 UUPlayer.ocx ActiveX控件处理DoCmd方法时没有验证输入内容,导致内存破坏,攻击者构建恶意WEB页,诱使用户解析可导致基于栈的缓冲区溢出,成功利用漏洞可以以应用程序上下文执行任意代码。 UUPlayer ActiveX Control UUPlayer.ocx 6.x UUSee 2010 厂商解决方案 目前没有详细解决方案提供: http://www.uusee.com/ html object classid=”clsid:77910CD3-5447-4CCB-92DE-35BA8198BE81″...