← back
CVE-2009-1087

CVE-2009-1087

EPSS 5.1%
Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and earlier allow remote attackers to execute arbitrary code via a UNC share pathname in the LoadModule argument to the (1) synacast, (2) Play, (3) pplsv, or (4) ppvod URI handler. NOTE: some of these details are obtained from third party information.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/8215unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/34327https://exchange.xforce.ibmcloud.com/vulnerabilities/49263https://www.exploit-db.com/exploits/8215http://www.vupen.com/english/advisories/2009/0739