Lucene search

[email protected]CVE-2009-1370

HistoryApr 22, 2009 - 9:30 p.m.

CVE-2009-1370

2009-04-2221:30:14

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-1370

buffer overflow

xilisoft video converter

denial of service

remote attack

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.062 Low

EPSS

Percentile

93.6%

JSON

Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video Converter 3.1.53.0704n and 5.1.23.0402 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .cue file.

Affected configurations

NVD

Node

xilisoftxilisoft_video_converterMatch3.1.53

xilisoftxilisoft_video_converterMatch5.1.23

CPENameOperatorVersion
xilisoft:xilisoft_video_converterxilisoft xilisoft video convertereq3.1.53
xilisoft:xilisoft_video_converterxilisoft xilisoft video convertereq5.1.23

CPE	Name	Operator	Version
xilisoft:xilisoft_video_converter	xilisoft xilisoft video converter	eq	3.1.53
xilisoft:xilisoft_video_converter	xilisoft xilisoft video converter	eq	5.1.23

References

secunia.com/advisories/34660

www.securityfocus.com/bid/34472

exchange.xforce.ibmcloud.com/vulnerabilities/49807

www.exploit-db.com/exploits/8390

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.062 Low

EPSS

Percentile

93.6%

JSON

Related for CVE-2009-1370

prion1 cvelist1 openvas2 nvd1