Creative Software AutoUpdate Engine ActiveX Stack Overflow
Publish Date: 21 de июля de 2015
Severity: : Critical
CVE Kennungen: : CVE-2008-0955
Advisory Date: 21 de июля de 2015
DESCRIPTION
Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote attackers to execute arbitrary code via a long CacheFolder property value.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1002534
Trend Micro Deep Security DPI Rule Name: 1002534 - Creative Software AutoUpdate Engine ActiveX Stack Overflow
AFFECTED SOFTWARE AND VERSION:
- Creative Software Autoupdate Engine