CVE-2009-1612

Description

Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 3.09.04.17 and earlier are also affected.

Affected products

• baofeng / storm2.7.9_8 – 2.7.9_8
• baofeng / storm2.7.9_10 – 2.7.9_10
• baofeng / storm2.8 – 2.8
• baofeng / storm2.9 – 2.9
• baofeng / storm3.9.3_25 – 3.9.3_25
• baofeng / storm3.9.3_30 – 3.9.3_30
• baofeng / storm3.9.4_17 – 3.9.4_17
• baofeng / storm3.9.4_27 – 3.9.4_27

References

• EXPLOIThttps://www.exploit-db.com/exploits/8579
• MISChttp://www.securityfocus.com/bid/34789
• VENDOR_ADVISORYhttp://secunia.com/advisories/34944
• MISChttp://www.cisrt.org/enblog/read.php?245