CVSS: 9.8EPSS: 89%CPEs: 2EXPL: 3CVE-2011-5171 – CyberLink (Multiple Products) - File Project Handling Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2011-5171
15 Sep 2012 — Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow remote attackers to execute arbitrary code via the (1) src and (2) name parameters in a p2g project file. Múltiples desbordamientos de búfer basados en pila en CyberLink Power2Go v7 (build 196) y v8 (build 1031) permite a atacantes remotos ejecutar código arbitrario a través de los parámetros (1) (src) y (2) (name) en un fichero de proyecto p2g. • https://www.exploit-db.com/exploits/18220 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5243
https://notcve.org/view.php?id=CVE-2010-5243
07 Sep 2012 — Multiple untrusted search path vulnerabilities in Cyberlink Power2Go 7.0.0.0816 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) MFC71LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .p2g, .iso, .pdl, .pds, or .p2i file. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de path de búsqueda no confiable en Cyberlink Power2Go v7.0.0.0816, permite a usuario locales obtener privilegios a tra... • http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html •