- Description
- Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.
- Source
- cret@cert.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:iseemedia:lpviewer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F6D98F4-A143-4D58-AB55-189EFD7DF1EE"
},
{
"criteria": "cpe:2.3:a:mgi_software:lpviewer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF5732B5-E262-4638-8B5B-5B751A2A94F1"
},
{
"criteria": "cpe:2.3:a:roxio:lpviewer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5F79B6C-9359-4A48-8206-CE8FA305338A"
}
],
"operator": "OR"
}
]
}
]