1. Home
  2. CVE Database
  3. CVE-2008-0959
MEDIUM · 6.8

CVE-2008-0959

Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Au...

Vulnerability Description

Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Audio CD Burner 1.02, (3) CinematicMP3 1.4.0.0, (4) Alive MP3 WAV Converter 3.9.3.2, and possibly other products, allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
AlivemediaAlive Mp3 Wav Converter3.9.3.2
Online Media TechnologiesNctaudioeditor Activex ControlAll versions
Online Media TechnologiesNctaudiostudio Activex ControlAll versions
Orion StudiosCinematicmp31.4.0.0
UssunPower Audio Cd Burner1.02
UssunPower Audio Cd Grabber1.0

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2008-0959?

CVE-2008-0959 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Au...

How severe is CVE-2008-0959?

CVE-2008-0959 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-0959?

Check the references section above for vendor advisories and patch information. Affected products include: Alivemedia Alive Mp3 Wav Converter, Online Media Technologies Nctaudioeditor Activex Control, Online Media Technologies Nctaudiostudio Activex Control, Orion Studios Cinematicmp3, Ussun Power Audio Cd Burner.