Lucene search

[email protected]CVE-2009-2570

HistoryJul 22, 2009 - 5:30 p.m.

CVE-2009-2570

2009-07-2217:30:00

CWE-119

[email protected]

web.nvd.nist.gov

symantec

faxviewercontrol

activex control

buffer overflow

cve-2009-2570

winfax pro

security vulnerability

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.921 High

EPSS

Percentile

99.0%

JSON

Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX control in WinFax\DCCFAXVW.DLL in Symantec WinFax Pro 10.03 allows remote attackers to execute arbitrary code via a long argument to the AppendFax method.

Affected configurations

NVD

Node

symantecwinfax_proMatch10.03

CPENameOperatorVersion
symantec:winfax_prosymantec winfax proeq10.03

CPE	Name	Operator	Version
symantec:winfax_pro	symantec winfax pro	eq	10.03

References

osvdb.org/54137

retrogod.altervista.org/9sg_symantec_win_fuck_pro.html

secunia.com/advisories/34925

www.securityfocus.com/archive/1/503074/100/0/threaded

www.securityfocus.com/archive/1/503086/100/0/threaded

www.securityfocus.com/archive/1/503163/100/0/threaded

www.securityfocus.com/bid/34766

www.securitytracker.com/id?1022147

www.vupen.com/english/advisories/2009/1221

docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.921 High

EPSS

Percentile

99.0%

JSON

Related for CVE-2009-2570

nessus2 cvelist1 nvd1 prion1