CVE-2009-0194

Name of the Vulnerable Software and Affected Versions Garmin Communicator Plug-In version 2.6.4.0

Description The issue concerns the domain-locking implementation in the Garmin Communicator Plug-In, which fails to properly enforce restrictions on download and upload requests. This allows remote attackers to obtain sensitive information or reconfigure Garmin GPS devices via unspecified vectors related to a "synchronisation error."

Recommendations For Garmin Communicator Plug-In version 2.6.4.0, consider restricting access to the npGarmin.dll file to minimize the risk of exploitation until a patch is available.