CVE-2009-4453

SoftCab Sound Converter <1.2 - Path Traversal

Title source: llm

Description

Insecure method vulnerability in SoftCab Sound Converter ActiveX control (sndConverter.ocx) 1.2 allows remote attackers to create or overwrite arbitrary files via the SaveFormat method. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ThE g0bL!N · htmlwebappswindows

https://www.exploit-db.com/exploits/10649

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/37967

[Exploit] http://www.exploit-db.com/exploits/10649

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/55082

[Third Party Advisory, VDB Entry] http://osvdb.org/61351

Scores

EPSS 0.0269

EPSS Percentile 85.9%

Details

Status published

Products (1)

softcab/sound_converter_activex 1.2

Published Dec 29, 2009

Tracked Since Feb 18, 2026