Vulnerabilities > Gigabyte > Dldrv2 Activex Control

DATE CVE VULNERABILITY TITLE RISK
2010-08-02 CVE-2010-1518 Improper Input Validation vulnerability in Gigabyte Dldrv2 Activex Control 1.4.206.11
Array index error in the SetDLInfo method in the GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via the item argument.
network
low complexity
gigabyte CWE-20
critical
 10.0
10
2010-08-02 CVE-2010-1517 Improper Input Validation vulnerability in Gigabyte Dldrv2 Activex Control 1.4.206.11
The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to (1) download arbitrary programs onto a client system, and execute these programs, via vectors involving the dl method; and (2) download arbitrary programs onto a client system via vectors involving the SetDLInfo method in conjunction with the Bdl method.
network
low complexity
gigabyte CWE-20
critical
 10.0
10