Vulnerability CVE-2009-1566
Published: 2009-12-03   Modified: 2012-02-13

Description:
Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions.

See advisories in our WLB2 database:
Topic
Author
Date
High
Roxio Creator Image Rendering Integer Overflow Vulnerability
Secunia Research
07.12.2009

Type:

CWE-189

 (Numeric Errors)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Roxio -> Creator 
Roxio -> Easy media creator 

 References:
http://www.securityfocus.com/archive/1/508165/100/0/threaded
http://www.securityfocus.com/bid/37183
http://www.vupen.com/english/advisories/2009/3375
https://exchange.xforce.ibmcloud.com/vulnerabilities/54496
Copyright 2024, cxsecurity.com

 

Back to Top