Lucene search

[email protected]CVE-2009-1039

HistoryMar 20, 2009 - 6:30 p.m.

CVE-2009-1039

2009-03-2018:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-1039

buffer overflow

cdex

remote code execution

ogg vorbis

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.185 Low

EPSS

Percentile

96.2%

JSON

Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbitrary code via a crafted Info header in an Ogg Vorbis (.ogg) file.

Affected configurations

NVD

Node

cdexoscdexMatch170b2

CPENameOperatorVersion
cdexos:cdexcdexos cdexeq170b2

CPE	Name	Operator	Version
cdexos:cdex	cdexos cdex	eq	170b2

References

osvdb.org/52812

retrogod.altervista.org/9sg_cdex_ogg.html

www.securityfocus.com/archive/1/501928/100/0/threaded

www.securityfocus.com/bid/34164

exchange.xforce.ibmcloud.com/vulnerabilities/49304

www.exploit-db.com/exploits/8231

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.185 Low

EPSS

Percentile

96.2%

JSON

Related for CVE-2009-1039

nvd1 cvelist1 prion1