There is a vulnerability in CyberLink PowerDVD which could be exploited by attackers to corrupt arbitrary files. This issue is caused by a design error in the "CreateNewFile()" method within the "CLAVSetting.DLL" ActiveX Control. It can be exploited by attackers to overwrite arbitrary files on a vulnerable system by tricking a user into visiting a malicious web page.
CyberLink PowerDVD versions 7.x
Denial of service.
Currently we are not aware of any vendor supplied patches for this issue.