Secunia Research has discovered a vulnerability in Creative Software AutoUpdate Engine 2 ActiveX control, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused by a boundary error in a callback function used when handling the “BrowseFolder()” method. This can be exploited to cause a stack-based buffer overflow via an overly long string argument. Successful exploitation allows execution of arbitrary code.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/90548/secunia-creative.txt
Source: https://packetstormsecurity.com/files/90548/Creative-Software-AutoUpdate-Engine-2-ActiveX-Control-Buffer-Overflow.html