PT-2009-6574 · Softcab · Sndconverter.Ocx+1

The G0Bl!N

Published

2009-12-29

Updated

2017-08-17

CVE-2009-4453

CVSS v2.0

8.8

High

Vector

AV:N/AC:M/Au:N/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions SoftCab Sound Converter version 1.2

Description The issue allows remote attackers to create or overwrite arbitrary files. This is achieved via the SaveFormat method in the sndConverter.ocx ActiveX control.

Recommendations For version 1.2, consider disabling the SaveFormat method in the sndConverter.ocx ActiveX control as a temporary workaround until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-4453

Affected Products

Softcab Sound Converter

Sndconverter.Ocx

PT-2009-6574 · Softcab · Sndconverter.Ocx+1

CVE-2009-4453

Related Identifiers

Affected Products

References · 6