Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
COWON America jetAudio JetFlExt.dll ActiveX控件远程命令执行漏洞
Vulnerability Description
jetAudio是一种媒体播放器软件。 jetAudio所带的ActiveX控件实现上存在漏洞,远程攻击者可能利用此漏洞通过诱使用户访问恶意网页控制用户系统。 JetFlExt.dll ActiveX控件控件的DownloadFromMusicStore()方式处理参数时存在输入验证问题,远程攻击者可能利用目录遍历串访问执行系统中的任意程序。
CVSS Information
N/A
Vulnerability Type
N/A