Roxio Creator 9.x <= 9.0.136 Image Handling Integer Overflow

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by an
integer overflow vulnerability.

Description :

According to its version, the Roxio Creator install on the remote host
is 9.x earlier than or equal to 9.0.136. It is, therefore, affected by
an integer overflow vulnerability related to image handling that could
allow arbitrary code execution.

See also :

http://seclists.org/bugtraq/2009/Dec/9

Solution :

Upgrade to Roxio Creator 2010 SP1 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 70144 ()

Bugtraq ID: 37183

CVE ID: CVE-2009-1566

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now