CVE-2010-1909

Consona Dynamic Agent, Live Assistance, and Subscriber Assistance - Buffer Overflow via RunCmd Method

Title source: llm
STIX 2.1

Description

Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to execute arbitrary code via vectors involving "CreateProcess params." NOTE: some of these details are obtained from third party information.

References (5)

Core 5
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39751
Patch, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/602801
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511176/100/0/threaded

Scores

EPSS 0.0565
EPSS Percentile 92.1%

Details

CWE
CWE-119
Status published
Products (3)
consona/consona_dynamic_agent (3 CPE variants)
consona/consona_live_assistance
consona/consona_subscriber_assistance
Published May 12, 2010
Tracked Since Feb 18, 2026