Lucene search

[email protected]CVE-2009-0443

HistoryFeb 10, 2009 - 7:00 a.m.

CVE-2009-0443

2009-02-1007:00:22

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-0443

elecard avc hd player

buffer overflow

remote code execution

m3u

url vulnerability

security threat

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.238 Low

EPSS

Percentile

96.6%

JSON

Stack-based buffer overflow in Elecard AVC HD PLAYER 5.5.90116 allows remote attackers to execute arbitrary code via an M3U file containing a long string in a URL.

Affected configurations

NVD

Node

elecardelecard_avc_hd_playerMatch5.5.90116

CPENameOperatorVersion
elecard:elecard_avc_hd_playerelecard elecard avc hd playereq5.5.90116

CPE	Name	Operator	Version
elecard:elecard_avc_hd_player	elecard elecard avc hd player	eq	5.5.90116

References

osvdb.org/51717

secunia.com/advisories/33742

www.securityfocus.com/bid/33089

www.exploit-db.com/exploits/7942

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.238 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2009-0443

prion1 cvelist1 nvd1