CVE-2009-0305

critical

Description

Multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control in AxLoader.ocx and AxLoader.dll in BlackBerry Application Web Loader 1.0 allow remote attackers to execute arbitrary code via unspecified use of the (1) load or (2) loadJad method.

References

http://www.securityfocus.com/bid/33663

http://www.microsoft.com/technet/security/advisory/960715.mspx

http://www.kb.cert.org/vuls/id/131100

http://secunia.com/advisories/33847

http://osvdb.org/51833

http://blackberry.com/btsc/KB16248

Details

Source: Mitre, NVD

Published: 2009-02-10

Updated: 2009-02-17

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical