2 results (0.004 seconds)

CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 0

Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method. Desbordamiento de búfer basado en pila en Creative Software AutoUpdate Engine ActiveX Control v2.0.12.0, como el usado en Creative Software AutoUpdate 1.40.01, permite a atacantes remotos ejecutar código de su elección a través de vectores relativos al método BrowseFolder. • http://secunia.com/advisories/38970 http://secunia.com/secunia_research/2010-52 http://www.securityfocus.com/archive/1/511795/100/0/threaded http://www.securityfocus.com/bid/40768 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 63%CPEs: 1EXPL: 2

Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote attackers to execute arbitrary code via a long CacheFolder property value. Desbordamiento de búfer basado en pila en el Control Creative Software AutoUpdate Engine ActiveX en CTSUEng.ocx, permite a atacantes remotos ejecutar código de su elección a través de un valor largo en "CacheFolder". • https://www.exploit-db.com/exploits/16539 https://www.exploit-db.com/exploits/5681 http://secunia.com/advisories/30403 http://www.kb.cert.org/vuls/id/501843 http://www.securityfocus.com/bid/29391 http://www.vupen.com/english/advisories/2008/1668 https://exchange.xforce.ibmcloud.com/vulnerabilities/42673 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •