Unrated severityNVD Advisory· Published Sep 30, 2008· Updated Apr 23, 2026
CVE-2008-4342
CVE-2008-4342
Description
NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX control (NMSDVDX.dll) 1.013C and earlier, as used in CDBurnerXP 4.2.1.976, BurnAware 2.1.3, Blaze Media Pro 8.02 Special Edition, and possibly other products, allows remote attackers to overwrite and create arbitrary files via calls to the EnableLog and LogMessage methods. NOTE: this issue might only be exploitable in limited environments or non-default browser settings. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for remote code execution by accessing files using hcp:// URLs.
Affected products
5cpe:2.3:a:burnaware_technologies:burnaware:2.1.3:unknown:free:*:*:*:*:*+ 2 more
- cpe:2.3:a:burnaware_technologies:burnaware:2.1.3:unknown:free:*:*:*:*:*
- cpe:2.3:a:burnaware_technologies:burnaware:2.1.3:unknown:home:*:*:*:*:*
- cpe:2.3:a:burnaware_technologies:burnaware:2.1.3:unknown:professional:*:*:*:*:*
- cpe:2.3:a:impressum:cdburnerxp:4.2.1.976:*:*:*:*:*:*:*
- cpe:2.3:a:numedia_soft:numedia_dvd_burning_sdk:1.008:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- retrogod.altervista.org/9sg_numedia_xpl.htmlnvdExploit
- www.securityfocus.com/bid/31374nvdExploit
- www.shinnai.net/xplits/TXT_TrWE9AJA8nQpuFsnxBcqnvdExploitURL Repurposed
- secunia.com/advisories/31936nvdVendor Advisory
- secunia.com/advisories/31949nvdVendor Advisory
- secunia.com/advisories/31950nvdVendor Advisory
- secunia.com/advisories/32455nvdVendor Advisory
- www.vupen.com/english/advisories/2008/2663nvdVendor Advisory
- www.securityfocus.com/archive/1/497831/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/45330nvd
- www.exploit-db.com/exploits/6491nvd
News mentions
0No linked articles in our index yet.