Vulnerability Description
Multiple stack-based and heap-based buffer overflows in Dafolo DafoloControl ActiveX control (DafoloFFControl.dll) 1.108.6.195 allow remote attackers to execute arbitrary code via long (1) baseurl, (2) kommune, (3) felter, (4) afdeling, (5) Flags, (6) HelpURL, (7) caburl, or (8) filename properties; or (9) a long argument to the Open method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dafolo | Dafolocontrol | 1.108.6 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/35017Vendor Advisory
- http://www.securityfocus.com/bid/34900
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50420
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50421
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50422
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50423
- http://secunia.com/advisories/35017Vendor Advisory
- http://www.securityfocus.com/bid/34900
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50420
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50421
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50422
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50423
FAQ
What is CVE-2009-1606?
CVE-2009-1606 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple stack-based and heap-based buffer overflows in Dafolo DafoloControl ActiveX control (DafoloFFControl.dll) 1.108.6.195 allow remote attackers to execute arbitrary code via long (1) baseurl, (2...
How severe is CVE-2009-1606?
CVE-2009-1606 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1606?
Check the references section above for vendor advisories and patch information. Affected products include: Dafolo Dafolocontrol.