Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1065

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1065
Last Modified 21 Apr 2011 12:00:00
Published 22 Feb 2011 08:00:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1065

Summary

Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) PlayURL or (2) PlayURLWithLocalPlayer methods.

Vulnerable Systems

Application

  • Pipi Player 2.8.0.0


References

XF - pipiplayer-activex-control-bo(65537)

MISC - http://www.wooyun.org/bugs/wooyun-2010-01383

MISC - http://www.wooyun.org/bugs/wooyun-2010-01382

BID - 46468

SECUNIA - 43394


Last Updated: 27 May 2016 10:56:08