|
|
CVE Reference: CVE-2008-4342 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-4342 |
|
|
Description: NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX control (NMSDVDX.dll) 1.013C and earlier, as used in CDBurnerXP 4.2.1.976, BurnAware 2.1.3, Blaze Media Pro 8.02 Special Edition, and possibly other products, allows remote attackers to overwrite and create arbitrary files via calls to the EnableLog and LogMessage methods. NOTE: this issue might only be exploitable in limited environments or non-default browser settings. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for remote code execution by accessing files using hcp:// URLs. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/45330 SAID Secunia Advisory: SA32455 Secunia Advisory: SA31936 Secunia Advisory: SA31949 Secunia Advisory: SA31950 MISC http://www.shinnai.net/xplits/TXT_TrWE9AJA8nQpuFsnxBcq http://retrogod.altervista.org/9sg_numedia_xpl.html MILW0RM http://www.milw0rm.com/exploits/6491 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/497831/100/0/threaded BID 31374 |
|
| Return to the previous page. |
