Lucene search

[email protected]CVE-2009-0491

HistoryFeb 10, 2009 - 1:30 a.m.

CVE-2009-0491

2009-02-1001:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-0491

elecard mpeg player

buffer overflow

remote code execution

m3u file

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.137 Low

EPSS

Percentile

95.7%

JSON

Stack-based buffer overflow in Elecard MPEG Player 5.5 build 15884.081218 allows remote attackers to execute arbitrary code via a M3U file containing a long URL.

Affected configurations

NVD

Node

elecardelecard_mpeg_playerRange≤5.5

CPENameOperatorVersion
elecard:elecard_mpeg_playerelecard elecard mpeg playerle5.5

CPE	Name	Operator	Version
elecard:elecard_mpeg_player	elecard elecard mpeg player	le	5.5

References

osvdb.org/51075

secunia.com/advisories/33355

www.vupen.com/english/advisories/2009/0007

www.exploit-db.com/exploits/7637

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.137 Low

EPSS

Percentile

95.7%

JSON

Related for CVE-2009-0491

openvas2 cvelist1 nvd1 prion1