CVE-2009-1612

EPSS 33.3%

Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 3.09.04.17 and earlier are also affected.

Affected products

n/a · n/a

public PoCs found — 2

cve_referencewww.exploit-db.com/exploits/8579unverified exploitdbwww.exploit-db.com/exploits/16553unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/34944 https://www.exploit-db.com/exploits/8579 http://www.cisrt.org/enblog/read.php?245 http://www.securityfocus.com/bid/34789