Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0959

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-0959
Last Modified 07 Mar 2011 10:05:43
Published 29 May 2008 12:32:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0959

Summary

Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Audio CD Burner 1.02, (3) CinematicMP3 1.4.0.0, (4) Alive MP3 WAV Converter 3.9.3.2, and possibly other products, allow remote attackers to execute arbitrary code via unspecified vectors.

Vulnerable Systems

Application

  • Alivemedia Alive Mp3 Wav Converter 3.9.3.2

  • Online Media Technologies Nctaudioeditor Activex Control

  • Online Media Technologies Nctaudiostudio Activex Control

  • Orion Studios Cinematicmp3 1.4.0.0

  • Ussun Power Audio Cd Burner 1.02

  • Ussun Power Audio Cd Grabber 1.0


References

CERT-VN - VU#669265

XF - nctaudiostudio-nctaudioinformation2-bo(42680)

VUPEN - ADV-2008-1669

SECUNIA - 30458

SECUNIA - 30457

SECUNIA - 30456

SECUNIA - 30454

SECUNIA - 30453

SECUNIA - 30452

SECUNIA - 30451

SECUNIA - 30445

SECUNIA - 30421

SECUNIA - 30419

SECUNIA - 30418

SECUNIA - 30415

SECUNIA - 30395


Last Updated: 27 May 2016 10:46:58