CVE-2007-2564

Description

Multiple stack-based buffer overflows in the Sienzo Digital Music Mentor (DMM) 2.6.0.4 ActiveX control (DSKernel2.dll) allow remote attackers to execute arbitrary code via a long argument to the (1) LockModules or (2) UnlockModule function.

Affected products

• sienzo / digital_music_mentor2.6.0.4 – 2.6.0.4

References

• MISChttp://www.securityfocus.com/bid/23838
• MISChttp://moaxb.blogspot.com/2007_05_06_archive.html
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/34120
• MISChttp://www.shinnai.altervista.org/moaxb/20070506/sienzo.txt
• MISChttp://osvdb.org/34338