RETIRED: Musiclab BearShare NCTAudioFile2 ActiveX Control Buffer Overflow Vulnerability

BearShare NCTAudioFile2 ActiveX control is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Successful attacks corrupt process memory, allowing arbitrary code to run in the context of the client application using the affected ActiveX control.

BearShare is reported vulnerable to this issue; other versions may be affected as well.

This issue is a duplicate of BID 22196 (NCTsoft NCTAudioFile2 ActiveX Control Remote Buffer Overflow Vulnerability) and is therefore being retired.


Privacy Statement
Copyright 2010, SecurityFocus