Vulnerability Details CVE-2009-1092
Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 for GeoVision DVR systems allows remote attackers to execute arbitrary code by calling the GetAudioPlayingTime method with certain arguments.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.061
EPSS Ranking 90.3%
CVSS Severity
CVSS v2 Score 9.3
References
- http://retrogod.altervista.org/9sg_geovision_liveaudio_freedmem.html
- http://www.securityfocus.com/archive/1/501773/100/0/threaded
- http://www.securityfocus.com/bid/34115
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49238
- https://www.exploit-db.com/exploits/8206
- http://retrogod.altervista.org/9sg_geovision_liveaudio_freedmem.html
- http://www.securityfocus.com/archive/1/501773/100/0/threaded
- http://www.securityfocus.com/bid/34115
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49238
- https://www.exploit-db.com/exploits/8206
Products affected by CVE-2009-1092
-
cpe:2.3:a:geovision:liveaudio_activex_control:7.0