CVE-2009-1092

Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 for GeoVision DVR systems allows remote attackers to execute arbitrary code by calling the GetAudioPlayingTime method with certain arguments.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
geovisionliveaudio_activex_control
7.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://retrogod.altervista.org/9sg_geovision_liveaudio_freedmem.html
http://www.securityfocus.com/archive/1/501773/100/0/threaded
http://www.securityfocus.com/bid/34115
https://exchange.xforce.ibmcloud.com/vulnerabilities/49238
https://www.exploit-db.com/exploits/8206
http://retrogod.altervista.org/9sg_geovision_liveaudio_freedmem.html
http://www.securityfocus.com/archive/1/501773/100/0/threaded
http://www.securityfocus.com/bid/34115
https://exchange.xforce.ibmcloud.com/vulnerabilities/49238
https://www.exploit-db.com/exploits/8206