VYPR
Unrated severityNVD Advisory· Published Oct 19, 2009· Updated Jun 16, 2026

CVE-2009-2970

CVE-2009-2970

Description

Stack-based buffer overflow in the GetUiDllVersion function in an ActiveX control in UiCheck.dll before 1.0.0.7 in UiTV UiPlayer, as used in BaiduX and other products, allows remote attackers to execute arbitrary code via the filename parameter.

Affected products

3
  • cpe:2.3:a:baidu:baidux:*:*:*:*:*:*:*:*
  • Uitv/Uiplayer2 versions
    cpe:2.3:a:uitv:uiplayer:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:uitv:uiplayer:*:*:*:*:*:*:*:*
    • (no CPE)range: <1.0.0.7

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.