CVE-2011-1065

Sažetak

Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) PlayURL or (2) PlayURLWithLocalPlayer methods.

Reference

http://secunia.com/advisories/43394
http://www.securityfocus.com/bid/46468
http://www.wooyun.org/bugs/wooyun-2010-01382
http://www.wooyun.org/bugs/wooyun-2010-01383
https://exchange.xforce.ibmcloud.com/vulnerabilities/65537

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

17-08-2017 - 01:33

Objavljeno

23-02-2011 - 01:00