Vulnerabilities > Roxio

DATE CVE VULNERABILITY TITLE RISK
2012-09-07 CVE-2010-5236 Unspecified vulnerability in Roxio Easy Media Creator 9.0.136
Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain privileges via a Trojan horse homeutils9.dll file in the current working directory, as demonstrated by a directory that contains a .roxio, .c2d, or .gi file.
local
roxio
6.9
2012-09-06 CVE-2010-5195 Unspecified vulnerability in Roxio Mydvd 9
Untrusted search path vulnerability in Roxio MyDVD 9 allows local users to gain privileges via a Trojan horse HomeUtils9.dll file in the current working directory, as demonstrated by a directory that contains a .dmsd or .dmsm file.
local
roxio
6.9
2010-05-06 CVE-2009-4841 Buffer Errors vulnerability in Roxio Cineplayer 3.2
Heap-based buffer overflow in the SonicMediaPlayer ActiveX control in SonicMediaPlayer.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the DiskType method.
network
roxio CWE-119
critical
9.3
2010-05-06 CVE-2009-4840 Buffer Errors vulnerability in Roxio Cineplayer 3.2
Heap-based buffer overflow in the IAManager ActiveX control in IAManager.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the SetIAPlayerName method.
network
roxio CWE-119
critical
9.3
2009-12-03 CVE-2009-1566 Numeric Errors vulnerability in Roxio Creator and Easy Media Creator
Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions.
network
roxio CWE-189
critical
9.3
2008-10-07 CVE-2008-4384 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.
network
iseemedia mgi-software roxio CWE-119
critical
9.3
2007-07-17 CVE-2007-3829 Remote Buffer Overflow vulnerability in InterActual Player IAMCE and IAKey
Multiple stack-based buffer overflows in (a) InterActual Player 2.60.12.0717 and (b) Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via a (1) long FailURL attribute in the IAMCE ActiveX Control (IAMCE.dll) or a (2) long URLCode attribute in the IAKey ActiveX Control (IAKey.dll).
network
interactual-technologies roxio
critical
9.3
2007-04-11 CVE-2007-1559 Remote Buffer Overflow vulnerability in Roxio Cineplayer 3.2
Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via (1) unspecified long property values to SonicMediaPlayer.dll or (2) long arguments to unspecified methods in SonicMediaPlayer.dll.
network
roxio
critical
9.3
2007-03-21 CVE-2007-0348 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property.
9.3
2006-09-14 CVE-2006-4801 Race Condition vulnerability in Roxio Toast 7
Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possibly other products, allows local users to execute arbitrary code via temporary files, including dejavu_manual.rb, which are executed with raised privileges.
local
high complexity
roxio CWE-362
6.2