Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20816
HistoryAug 06, 2011 - 12:00 a.m.

UUSee UUPlayer ActiveX控件多个远程代码执行漏洞

2011-08-0600:00:00
Root
www.seebug.org
16

EPSS

0.074

Percentile

94.1%

JSON

Bugtraq ID: 48975
CVE ID:CVE-2011-2589
CVE-2011-2590

UUSee是一款集P2P直播点播于一身的网络电视软件。
UUSee存在两个安全漏洞,允许攻击者以应用程序上下文执行任意代码。
-当处理"SendLogAction()"方法时UUPlayer ActiveX控件存在边界错误,通过提交超长参数可触发基于堆的缓冲区溢出。
-当处理"Play()"方法时UUPlayer ActiveX控件存在输入验证错误,向"MPlayerPath"参数传递UNC路径可以应用程序上下文执行任意程序。

UUSee UUPlayer 6.0.0.1
厂商解决方案
目前没有详细解决方案提供:
http://mydown.yesky.com/soft/multimedia/videoplayer/335/407335.shtml

Related

openvas 2
nvd 2
prion 2
cvelist 2
cve 2
openvas
openvas
UUSee UUPlayer ActiveX Control Multiple Remote Code Execution Vulnerabilities
2011-08-31 00:00:00
UUSee UUPlayer ActiveX Control Multiple RCE Vulnerabilities
2011-08-31 00:00:00
nvd
nvd
CVE-2011-2589
2011-08-09 22:55:00
CVE-2011-2590
2011-08-09 22:55:00
prion
prion
Heap overflow
2011-08-09 22:55:00
Code injection
2011-08-09 22:55:00
cvelist
cvelist
CVE-2011-2589
2011-08-09 22:00:00
CVE-2011-2590
2011-08-09 22:00:00
cve
cve
CVE-2011-2589
2011-08-09 22:55:00
CVE-2011-2590
2011-08-09 22:55:00

EPSS

0.074

Percentile

94.1%

JSON
Related for SSV:20816
openvas2nvd2prion2cvelist2cve2