Search criteria
2 vulnerabilities by sopcast
CVE-2011-5044 (GCVE-0-2011-5044)
Vulnerability from cvelistv5 – Published: 2011-12-30 19:00 – Updated: 2024-08-07 00:23
VLAI
Summary
SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows local users to execute arbitrary code by replacing Diagnose.exe with a Trojan horse program.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/77724 | vdb-entryx_refsource_OSVDB |
| http://www.exploit-db.com/exploits/18201 | exploitx_refsource_EXPLOIT-DB |
| http://www.zeroscience.mk/en/vulnerabilities/ZSL-… | x_refsource_MISC |
| http://secunia.com/advisories/40940 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2011-12-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:23:39.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sopcast-diagnose-priv-esc(71622)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71622"
},
{
"name": "77724",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/77724"
},
{
"name": "18201",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/18201"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5062.php"
},
{
"name": "40940",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40940"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-12-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows local users to execute arbitrary code by replacing Diagnose.exe with a Trojan horse program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sopcast-diagnose-priv-esc(71622)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71622"
},
{
"name": "77724",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/77724"
},
{
"name": "18201",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/18201"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5062.php"
},
{
"name": "40940",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40940"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows local users to execute arbitrary code by replacing Diagnose.exe with a Trojan horse program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sopcast-diagnose-priv-esc(71622)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71622"
},
{
"name": "77724",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/77724"
},
{
"name": "18201",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18201"
},
{
"name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5062.php",
"refsource": "MISC",
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5062.php"
},
{
"name": "40940",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40940"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5044",
"datePublished": "2011-12-30T19:00:00.000Z",
"dateReserved": "2011-12-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:23:39.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0811 (GCVE-0-2009-0811)
Vulnerability from cvelistv5 – Published: 2009-03-04 17:00 – Updated: 2024-08-07 04:48
VLAI
Summary
Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows remote attackers to execute arbitrary programs via an executable file name in the argument to the SetExternalPlayer method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/33920 | vdb-entryx_refsource_BID |
| http://retrogod.altervista.org/9sg_sopcastia.html | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/501252/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2009-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sopcast-setexternalplayer-code-execution(48955)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48955"
},
{
"name": "33920",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33920"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/9sg_sopcastia.html"
},
{
"name": "20090226 Sopcast SopCore Control (sopocx.ocx 3.0.3.501) SetExternalPlayer() user assisted remote code execution poc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501252/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows remote attackers to execute arbitrary programs via an executable file name in the argument to the SetExternalPlayer method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sopcast-setexternalplayer-code-execution(48955)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48955"
},
{
"name": "33920",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33920"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/9sg_sopcastia.html"
},
{
"name": "20090226 Sopcast SopCore Control (sopocx.ocx 3.0.3.501) SetExternalPlayer() user assisted remote code execution poc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501252/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows remote attackers to execute arbitrary programs via an executable file name in the argument to the SetExternalPlayer method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sopcast-setexternalplayer-code-execution(48955)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48955"
},
{
"name": "33920",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33920"
},
{
"name": "http://retrogod.altervista.org/9sg_sopcastia.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/9sg_sopcastia.html"
},
{
"name": "20090226 Sopcast SopCore Control (sopocx.ocx 3.0.3.501) SetExternalPlayer() user assisted remote code execution poc",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501252/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0811",
"datePublished": "2009-03-04T17:00:00.000Z",
"dateReserved": "2009-03-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:48:52.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}