Lucene search

[email protected]CVE-2009-0175

HistoryJan 20, 2009 - 4:00 p.m.

CVE-2009-0175

2009-01-2016:00:08

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-0175

buffer overflow

heathco software

mp3 trackmaker 1.5

denial of service

arbitrary code execution

remote attackers

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.4 High

AI Score

Confidence

High

0.164 Low

EPSS

Percentile

96.0%

JSON

Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an invalid .mp3 file.

Affected configurations

NVD

Node

heathcosoftmp3_trackmakerMatch1.5

CPENameOperatorVersion
heathcosoft:mp3_trackmakerheathcosoft mp3 trackmakereq1.5

CPE	Name	Operator	Version
heathcosoft:mp3_trackmaker	heathcosoft mp3 trackmaker	eq	1.5

References

securityreason.com/securityalert/4920

www.securityfocus.com/bid/33183

exchange.xforce.ibmcloud.com/vulnerabilities/47852

www.exploit-db.com/exploits/7708

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.4 High

AI Score

Confidence

High

0.164 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2009-0175

prion1 nvd1 cvelist1