CVE-2008-0959

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-0959
Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Audio CD Burner 1.02, (3) CinematicMP3 1.4.0.0, (4) Alive MP3 WAV Converter 3.9.3.2, and possibly other products, allow remote attackers to execute arbitrary code via unspecified vectors.

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/30395
http://secunia.com/advisories/30415 Vendor Advisory
http://secunia.com/advisories/30418
http://secunia.com/advisories/30419
http://secunia.com/advisories/30421
http://secunia.com/advisories/30445
http://secunia.com/advisories/30451
http://secunia.com/advisories/30452
http://secunia.com/advisories/30453
http://secunia.com/advisories/30454
http://secunia.com/advisories/30456
http://secunia.com/advisories/30457
http://secunia.com/advisories/30458
http://www.kb.cert.org/vuls/id/669265 US Government Resource
http://www.vupen.com/english/advisories/2008/1669
https://exchange.xforce.ibmcloud.com/vulnerabilities/42680
http://secunia.com/advisories/30395
http://secunia.com/advisories/30415 Vendor Advisory
http://secunia.com/advisories/30418
http://secunia.com/advisories/30419
http://secunia.com/advisories/30421
http://secunia.com/advisories/30445
http://secunia.com/advisories/30451
http://secunia.com/advisories/30452
http://secunia.com/advisories/30453
http://secunia.com/advisories/30454
http://secunia.com/advisories/30456
http://secunia.com/advisories/30457
http://secunia.com/advisories/30458
http://www.kb.cert.org/vuls/id/669265 US Government Resource
http://www.vupen.com/english/advisories/2008/1669
https://exchange.xforce.ibmcloud.com/vulnerabilities/42680
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:alivemedia:alive_mp3_wav_converter:3.9.3.2:*:*:*:*:*:*:*
cpe:2.3:a:online_media_technologies:nctaudioeditor_activex_control:*:*:*:*:*:*:*:*
cpe:2.3:a:online_media_technologies:nctaudiostudio_activex_control:*:*:*:*:*:*:*:*
cpe:2.3:a:orion_studios:cinematicmp3:1.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ussun:power_audio_cd_burner:1.02:*:*:*:*:*:*:*
cpe:2.3:a:ussun:power_audio_cd_grabber:1.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2008-05-29 16:32

Updated : 2025-04-09 00:30

NVD link : CVE-2008-0959

Mitre link : CVE-2008-0959

CVE.ORG link : CVE-2008-0959

JSON object : View

Products Affected

online_media_technologies

  • nctaudiostudio_activex_control
  • nctaudioeditor_activex_control

orion_studios

  • cinematicmp3

ussun

  • power_audio_cd_burner
  • power_audio_cd_grabber

alivemedia

  • alive_mp3_wav_converter
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer