Summary
The host is installed CDBurnerXP, which is prone to ActiveX control based remote code execution vulnerability.
Impact
Exploitation will cause Internet Explorer to restrict the webpage from running scripts and could overwrite files with arbitrary content.
Impact Level : Application
Solution
Upgrade to CDBurnerXP Version 4.3.2 or later.
For updates check, http://www.nugroovz.com/Downloads.aspx
Insight
The flaw is due to an error in validating/sanitizing the input data sent to NMSDVDX.dll file.
Affected
CDBurnerXP versions 4.2.1.976 and prior on all platform
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2008-4342 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
- Adobe Flash Media Server multiple vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Windows)