CVE-2009-1567

Multiple stack-based buffer overflows in the Lateral Arts Photobox uploader ActiveX control 1.x before 1.3, and 2.2.0.6, allow remote attackers to execute arbitrary code via a long URL string for the (1) LogURL, (2) ConnectURL, (3) SkinURL, (4) AlbumCreateURL, (5) ErrorURL, or (6) httpsinglehost property value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
lartsuploader_activex_control
2.2.0.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/37138
http://secunia.com/advisories/37492
http://secunia.com/secunia_research/2009-41/
http://www.securityfocus.com/archive/1/508169/100/0/threaded
http://www.securityfocus.com/bid/37187
http://www.vupen.com/english/advisories/2009/3376
http://www.vupen.com/english/advisories/2009/3377
http://secunia.com/advisories/37138
http://secunia.com/advisories/37492
http://secunia.com/secunia_research/2009-41/
http://www.securityfocus.com/archive/1/508169/100/0/threaded
http://www.securityfocus.com/bid/37187
http://www.vupen.com/english/advisories/2009/3376
http://www.vupen.com/english/advisories/2009/3377