CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-0389

Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via unspecified vectors, and (4) write to the registry via unspecified vectors. NOTE: vectors 1 and 2 can be used together to execute arbitrary code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.039

EPSS Ranking 87.8%

CVSS Severity

CVSS v2 Score 9.3

References

http://www.securityfocus.com/bid/33515
https://exchange.xforce.ibmcloud.com/vulnerabilities/48337
https://www.exploit-db.com/exploits/7910
http://www.securityfocus.com/bid/33515
https://exchange.xforce.ibmcloud.com/vulnerabilities/48337
https://www.exploit-db.com/exploits/7910

Products affected by CVE-2009-0389

Eztools-Software » Web On Windows Activex » Version: 2

cpe:2.3:a:eztools-software:web_on_windows_activex:2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0389

Products

Pricing

Contact Us