CVE-2010-0990

Creative Software AutoUpdate <1.40.01 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method.

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38970
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40768
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511795/100/0/threaded
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2010-52/

Scores

EPSS 0.0462
EPSS Percentile 90.6%

Details

CWE
CWE-119
Status published
Products (2)
creative/autoupdate 1.40.01
creative/autoupdate_engine_activex_control 2.0.12.0
Published Jun 15, 2010
Tracked Since Feb 18, 2026