Description
Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method.
References (4)
Core 4
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38970
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/40768
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511795/100/0/threaded
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2010-52/
Scores
EPSS
0.0462
EPSS Percentile
90.6%
Details
CWE
CWE-119
Status
published
Products (2)
creative/autoupdate
1.40.01
creative/autoupdate_engine_activex_control
2.0.12.0
Published
Jun 15, 2010
Tracked Since
Feb 18, 2026