Unrated severityNVD Advisory· Published Feb 2, 2009· Updated Apr 23, 2026

CVE-2009-0389

Description

Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via unspecified vectors, and (4) write to the registry via unspecified vectors. NOTE: vectors 1 and 2 can be used together to execute arbitrary code.

Affected products

Eztools Software/Web On Windows Activex
cpe:2.3:a:eztools-software:web_on_windows_activex:2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/33515nvdExploit
exchange.xforce.ibmcloud.com/vulnerabilities/48337nvd
www.exploit-db.com/exploits/7910nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000