CVE-2010-0990
Summary
| CVE | CVE-2010-0990 |
|---|---|
| State | PUBLISHED |
| Assigner | flexera |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-06-15 14:04:22 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:N/AC:L/Au:N/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Creative | Autoupdate | 1.40.01 | All | All | All |
| Application | Creative | Autoupdate Engine Activex Control | 2.0.12.0 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| Creative Software AutoUpdate Engine 2 ActiveX Control Buffer Overflow - Advisories - Community | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| Research - Community | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.