Vulnerabilities > CVE-2009-1092 - Resource Management Errors vulnerability in Geovision Liveaudio Activex Control 7.0

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
geovision
CWE-399
critical
exploit available
NVD
Published: 2009-03-25
Updated: 2018-10-10

Summary

Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 for GeoVision DVR systems allows remote attackers to execute arbitrary code by calling the GetAudioPlayingTime method with certain arguments.

Vulnerable Configurations

Part Description Count
Application
Geovision
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionGeoVision LiveAudio ActiveX Remote Freed-Memory Access Exploit. CVE-2009-1092. Remote exploit for windows platform
fileexploits/windows/remote/8206.html
idEDB-ID:8206
last seen2016-02-01
modified2009-03-13
platformwindows
port
published2009-03-13
reporterNine:Situations:Group
sourcehttps://www.exploit-db.com/download/8206/
titleGeoVision LiveAudio ActiveX Remote Freed-Memory Access Exploit
typeremote

References