Name:
Creative.Software.Autoupdate.ActiveX.Access
Released Date:
May 30 2008
Severity:
critical
CVE:
2008-0955
Bugtraq:
29391

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
This indicates an attempt to exploit a buffer-overflow vulnerability in the Creative Software AutoUpdate OCX Module.

This vulnerability is caused by an error in the "CTSUEng.ocx" ActiveX Control when handling malformed data. A remote attacker may exploit this to execute arbitrary code.
 
Impact
System Compromise
 
Affected Products
Creative Labs, AutoUpdate ActiveX control
Aliases
References
http://www.securityfocus.com/bid/29391
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0955
http://milw0rm.org/exploits/5681
http://research.eeye.com/html/alerts/zeroday/20080526.html
Recommended Actions
Currently, we are not aware of any vendor-supplied patch for this issue.

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED