CVE Vulnerability

CVE-2008-0959

Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Audio CD Burner 1.02, (3) CinematicMP3 1.4.0.0, (4) Alive MP3 WAV Converter 3.9.3.2, and possibly other products, allow remote attackers to execute arbitrary code via unspecified vectors.

6.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://www.kb.cert.org/vuls/id/669265 US Government Resource
http://secunia.com/advisories/30415 Vendor Advisory
http://secunia.com/advisories/30457
http://secunia.com/advisories/30458
http://secunia.com/advisories/30453
http://secunia.com/advisories/30451
http://secunia.com/advisories/30456
http://secunia.com/advisories/30454
http://secunia.com/advisories/30452
http://secunia.com/advisories/30418
http://secunia.com/advisories/30395
http://secunia.com/advisories/30445
http://secunia.com/advisories/30419
http://secunia.com/advisories/30421
http://www.vupen.com/english/advisories/2008/1669
https://exchange.xforce.ibmcloud.com/vulnerabilities/42680
Configurations

Configuration 1

cpe:2.3:a:ussun:power_audio_cd_burner:1.02:*:*:*:*:*:*:*
cpe:2.3:a:online_media_technologies:nctaudiostudio_activex_control:*:*:*:*:*:*:*:*
cpe:2.3:a:orion_studios:cinematicmp3:1.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:online_media_technologies:nctaudioeditor_activex_control:*:*:*:*:*:*:*:*
cpe:2.3:a:alivemedia:alive_mp3_wav_converter:3.9.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ussun:power_audio_cd_grabber:1.0:*:*:*:*:*:*:*
Information

Published : 2008-05-29 04:32

Updated : 2017-08-08 01:29

NVD link : CVE-2008-0959

Mitre link : CVE-2008-0959

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer