Search
Find a vulnerability
Search criteria
4 vulnerabilities found for easy_media_creator by roxio
CVE-2010-5236 (GCVE-0-2010-5236)
Vulnerability from nvd – Published: 2012-09-07 10:00 – Updated: 2024-09-16 18:07
VLAI
Summary
Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain privileges via a Trojan horse homeutils9.dll file in the current working directory, as demonstrated by a directory that contains a .roxio, .c2d, or .gi file. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/14768 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/41137 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:17:10.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14768",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/14768"
},
{
"name": "41137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain privileges via a Trojan horse homeutils9.dll file in the current working directory, as demonstrated by a directory that contains a .roxio, .c2d, or .gi file. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-07T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14768",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/14768"
},
{
"name": "41137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5236",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain privileges via a Trojan horse homeutils9.dll file in the current working directory, as demonstrated by a directory that contains a .roxio, .c2d, or .gi file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14768",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14768"
},
{
"name": "41137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5236",
"datePublished": "2012-09-07T10:00:00.000Z",
"dateReserved": "2012-09-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:07:54.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1566 (GCVE-0-2009-1566)
Vulnerability from nvd – Published: 2009-12-03 18:00 – Updated: 2024-08-07 05:20
VLAI
Summary
Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/508165/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/37183 | vdb-entryx_refsource_BID |
| http://secunia.com/secunia_research/2009-38/ | x_refsource_MISC |
| http://secunia.com/advisories/36069 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2009/3375 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-12-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:20:33.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20091202 Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508165/100/0/threaded"
},
{
"name": "37183",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37183"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-38/"
},
{
"name": "36069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36069"
},
{
"name": "ADV-2009-3375",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3375"
},
{
"name": "roxio-image-code-execution(54496)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "20091202 Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508165/100/0/threaded"
},
{
"name": "37183",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37183"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-38/"
},
{
"name": "36069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36069"
},
{
"name": "ADV-2009-3375",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3375"
},
{
"name": "roxio-image-code-execution(54496)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-1566",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20091202 Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508165/100/0/threaded"
},
{
"name": "37183",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37183"
},
{
"name": "http://secunia.com/secunia_research/2009-38/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-38/"
},
{
"name": "36069",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36069"
},
{
"name": "ADV-2009-3375",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3375"
},
{
"name": "roxio-image-code-execution(54496)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2009-1566",
"datePublished": "2009-12-03T18:00:00.000Z",
"dateReserved": "2009-05-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:20:33.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5236 (GCVE-0-2010-5236)
Vulnerability from cvelistv5 – Published: 2012-09-07 10:00 – Updated: 2024-09-16 18:07
VLAI
Summary
Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain privileges via a Trojan horse homeutils9.dll file in the current working directory, as demonstrated by a directory that contains a .roxio, .c2d, or .gi file. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/14768 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/41137 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:17:10.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14768",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/14768"
},
{
"name": "41137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain privileges via a Trojan horse homeutils9.dll file in the current working directory, as demonstrated by a directory that contains a .roxio, .c2d, or .gi file. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-07T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14768",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/14768"
},
{
"name": "41137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5236",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain privileges via a Trojan horse homeutils9.dll file in the current working directory, as demonstrated by a directory that contains a .roxio, .c2d, or .gi file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14768",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14768"
},
{
"name": "41137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5236",
"datePublished": "2012-09-07T10:00:00.000Z",
"dateReserved": "2012-09-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:07:54.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1566 (GCVE-0-2009-1566)
Vulnerability from cvelistv5 – Published: 2009-12-03 18:00 – Updated: 2024-08-07 05:20
VLAI
Summary
Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/508165/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/37183 | vdb-entryx_refsource_BID |
| http://secunia.com/secunia_research/2009-38/ | x_refsource_MISC |
| http://secunia.com/advisories/36069 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2009/3375 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-12-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:20:33.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20091202 Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508165/100/0/threaded"
},
{
"name": "37183",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37183"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-38/"
},
{
"name": "36069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36069"
},
{
"name": "ADV-2009-3375",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3375"
},
{
"name": "roxio-image-code-execution(54496)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "20091202 Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508165/100/0/threaded"
},
{
"name": "37183",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37183"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-38/"
},
{
"name": "36069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36069"
},
{
"name": "ADV-2009-3375",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3375"
},
{
"name": "roxio-image-code-execution(54496)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-1566",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20091202 Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508165/100/0/threaded"
},
{
"name": "37183",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37183"
},
{
"name": "http://secunia.com/secunia_research/2009-38/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-38/"
},
{
"name": "36069",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36069"
},
{
"name": "ADV-2009-3375",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3375"
},
{
"name": "roxio-image-code-execution(54496)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2009-1566",
"datePublished": "2009-12-03T18:00:00.000Z",
"dateReserved": "2009-05-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:20:33.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}