PT-2009-6381 · Haihaisoft · Haihaisoft Universal Player
Published
2009-12-07
·
Updated
2024-02-14
·
CVE-2009-4219
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Haihaisoft Universal Player MyActiveX.ocx version 1.4.8.0
Description
The issue is related to a stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX control. This can be exploited by remote attackers to execute arbitrary code via a long URL property value.
Recommendations
For version 1.4.8.0, consider disabling the MYACTIVEX.MyActiveXCtrl.1 ActiveX control until a patch is available to prevent potential exploitation.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Haihaisoft Universal Player