CVE-2011-2590 Information

Description

The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 allows remote attackers to execute arbitrary programs via a UNC share pathname in the MPlayerPath parameter.

Reference

http://secunia.com/advisories/44885 http://secunia.com/secunia_research/2011-59/ http://www.osvdb.org/74217 http://www.securityfocus.com/bid/48975 https://exchange.xforce.ibmcloud.com/vulnerabilities/68975