cbcvebase.
CVE-2009-1087
published 2009-03-25

CVE-2009-1087: Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and earlier allow remote attackers to execute arbitrary code via a UNC share…

PriorityP350critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
5.14%
91.3th percentile
Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and earlier allow remote attackers to execute arbitrary code via a UNC share pathname in the LoadModule argument to the (1) synacast, (2) Play, (3) pplsv, or (4) ppvod URI handler. NOTE: some of these details are obtained from third party information.

Affected

2 ranges
VendorProductVersion rangeFixed in
pplivepplive<= 1.9.21
pplivepplive
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.