CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
97.7%
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in “prior to 3.1.3.7.”
Vendor | Product | Version | CPE |
---|---|---|---|
mini-stream | mini-stream_to_mp3_converter | 3.0.0.7 | cpe:2.3:a:mini-stream:mini-stream_to_mp3_converter:3.0.0.7:*:*:*:*:*:*:* |