Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2570

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-2570
Last Modified 13 Feb 2010 02:18:14
Published 22 Jul 2009 01:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2570

Summary

Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX control in WinFax\DCCFAXVW.DLL in Symantec WinFax Pro 10.03 allows remote attackers to execute arbitrary code via a long argument to the AppendFax method.

Vulnerable Systems

Application

  • Symantec Winfax Pro 10.03


References

VUPEN - ADV-2009-1221

SECTRACK - 1022147

BID - 34766

BUGTRAQ - 20090430 Re: Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit

BUGTRAQ - 20090429 Re: Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit

BUGTRAQ - 20090429 Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit

MS - MS10-008

SECUNIA - 34925

MISC - http://retrogod.altervista.org/9sg_symantec_win_fuck_pro.html

OSVDB - 54137


Last Updated: 27 May 2016 10:50:57