CVE-2009-1567

EUVD-2009-1563
Multiple stack-based buffer overflows in the Lateral Arts Photobox uploader ActiveX control 1.x before 1.3, and 2.2.0.6, allow remote attackers to execute arbitrary code via a long URL string for the (1) LogURL, (2) ConnectURL, (3) SkinURL, (4) AlbumCreateURL, (5) ErrorURL, or (6) httpsinglehost property value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
lartsuploader_activex_control
2.2.0.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/37138
http://secunia.com/advisories/37492
http://secunia.com/secunia_research/2009-41/
http://www.securityfocus.com/archive/1/508169/100/0/threaded
http://www.securityfocus.com/bid/37187
http://www.vupen.com/english/advisories/2009/3376
http://www.vupen.com/english/advisories/2009/3377
http://secunia.com/advisories/37138
http://secunia.com/advisories/37492
http://secunia.com/secunia_research/2009-41/
http://www.securityfocus.com/archive/1/508169/100/0/threaded
http://www.securityfocus.com/bid/37187
http://www.vupen.com/english/advisories/2009/3376
http://www.vupen.com/english/advisories/2009/3377