CVE-2009-1612
BaoFeng - ActiveX 'OnBeforeVideoDownload()' Remote Buffer Overflow
Public Exploits: 3
Exploited in Wild: -
Descriptions
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 3.09.04.17 and earlier are also affected.
Timeline
- 2009-05-11 CVE Reserved
- 2009-05-11 CVE Published
- 2010-04-30 First Exploit
- 2024-08-07 CVE Updated
- 2024-10-14 EPSS Updated
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
References (5)
URL | Tag | Source |
---|---|---|
http://www.cisrt.org/enblog/read.php?245 | X_refsource_misc | |

URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/8579 | 2024-08-07 | |
https://www.exploit-db.com/exploits/16553 | 2010-04-30 | |
http://www.securityfocus.com/bid/34789 | 2024-08-07 | |
http://secunia.com/advisories/34944 | 2017-09-29 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Baofeng | Storm | 2.7.9_8 | - | Affected |
Baofeng | Storm | 2.7.9_10 | - | Affected |
Baofeng | Storm | 2.8 | - | Affected |
Baofeng | Storm | 2.9 | - | Affected |
Baofeng | Storm | 3.9.3_25 | - | Affected |
Baofeng | Storm | 3.9.3_30 | - | Affected |
Baofeng | Storm | 3.9.4_17 | - | Affected |
Baofeng | Storm | 3.9.4_27 | - | Affected |