CVE-2008-0959

{"id": "CVE-2008-0959", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": true}]}, "published": "2008-05-29T16:32:00.000", "references": [{"url": "http://secunia.com/advisories/30395", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30415", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30418", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30419", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30421", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30445", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30451", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30452", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30453", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30454", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30456", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30457", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/30458", "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/669265", "tags": ["US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1669", "source": "cret@cert.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42680", "source": "cret@cert.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Audio CD Burner 1.02, (3) CinematicMP3 1.4.0.0, (4) Alive MP3 WAV Converter 3.9.3.2, and possibly other products, allow remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de bufer basados en pila en el control ActiveX Online Media Technologies NCTSoft NCTAudioInformation2 en NCTAudioInformation2.dll, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."}], "lastModified": "2017-08-08T01:29:47.417", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:alivemedia:alive_mp3_wav_converter:3.9.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25BC6A2A-67DE-4918-B6ED-E1B636559D20"}, {"criteria": "cpe:2.3:a:online_media_technologies:nctaudioeditor_activex_control:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09278FE6-820B-4D31-9665-DB539BB23BBD"}, {"criteria": "cpe:2.3:a:online_media_technologies:nctaudiostudio_activex_control:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F7078A0-94D6-42F4-B413-AFA7C966AA87"}, {"criteria": "cpe:2.3:a:orion_studios:cinematicmp3:1.4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D92263D-7282-427F-8C93-EAF55990493D"}, {"criteria": "cpe:2.3:a:ussun:power_audio_cd_burner:1.02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5442CA4-4185-414D-BADF-659FDC157B2D"}, {"criteria": "cpe:2.3:a:ussun:power_audio_cd_grabber:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDDACACA-B499-435F-AB3A-97545B082A98"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}