CVE-2009-1566

high

Description

Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/54496

http://www.vupen.com/english/advisories/2009/3375

http://www.securityfocus.com/bid/37183

http://www.securityfocus.com/archive/1/508165/100/0/threaded

http://secunia.com/secunia_research/2009-38/

http://secunia.com/advisories/36069

Details

Source: Mitre, NVD

Published: 2009-12-03

Updated: 2018-10-10

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H