CVE-2011-1065

{"id": "CVE-2011-1065", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-02-23T01:00:02.973", "references": [{"url": "http://secunia.com/advisories/43394", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/46468", "source": "cve@mitre.org"}, {"url": "http://www.wooyun.org/bugs/wooyun-2010-01382", "source": "cve@mitre.org"}, {"url": "http://www.wooyun.org/bugs/wooyun-2010-01383", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65537", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/43394", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/46468", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.wooyun.org/bugs/wooyun-2010-01382", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.wooyun.org/bugs/wooyun-2010-01383", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65537", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) PlayURL or (2) PlayURLWithLocalPlayer methods."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en el control ActiveX PIPIWebPlayer (PIWebPlayer.ocx) en PIPI Player v2.8.0.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de argumentos largos con los m\u00e9todos (1) PlayURL o (2) PlayURLWithLocalPlayer."}], "lastModified": "2024-11-21T01:25:26.537", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pipi:pipi_player:2.8.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2D600A1-3101-4C14-BB20-C7C682B125DF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}