CVE-2009-1666

Name of the Vulnerable Software and Affected Versions: CycloMedia CycloScopeLite version 2.50.3.0

Description: The issue is related to multiple unspecified vulnerabilities that allow remote attackers to execute arbitrary code. This is achieved via the ReturnConnection method in several DLL files, including CM ADOConnection.dll, CM AddressInfoDBC.dll, and CM RecordingLocationDBC.dll. The vulnerabilities are related to improper dereferencing.

Recommendations: For CycloMedia CycloScopeLite version 2.50.3.0, consider restricting access to the ReturnConnection method in the affected DLL files until a patch is available. As a temporary workaround, disabling the ReturnConnection method could help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.