PT-2007-1911 · Gracenote · Gracenote Cddb

Peter Vreugdenhil

Publicado

2007-04-24

Atualizado

2018-10-16

CVE-2007-0443

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Gracenote CDDB versions prior to 20070418

Description The issue is related to multiple buffer overflows in the CDDBControl ActiveX control. This can be exploited by remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters, such as Proxy settings.

Recommendations For versions prior to 20070418, update to a version released after 20070418 to resolve the issue. As a temporary workaround, consider restricting access to the CDDBControl ActiveX control until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-0443

Produtos afetados

Gracenote Cddb

PT-2007-1911 · Gracenote · Gracenote Cddb

CVE-2007-0443

Identificadores relacionados

Produtos afetados

Referências · 10