Lucene search

[email protected]CVE-2009-2363

HistoryJul 08, 2009 - 3:30 p.m.

CVE-2009-2363

2009-07-0815:30:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-2363

kudrsoft audioplus

buffer overflow

remote code execution

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.1%

JSON

Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.

Affected configurations

NVD

Node

yukudraudioplusMatch2.00.215

CPENameOperatorVersion
yukudr:audioplusyukudr audiopluseq2.00.215

CPE	Name	Operator	Version
yukudr:audioplus	yukudr audioplus	eq	2.00.215

References

packetstormsecurity.org/0907-exploits/audiopluspls-overflow.txt

www.exploit-db.com/exploits/9070

exchange.xforce.ibmcloud.com/vulnerabilities/51485

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.1%

JSON

Related for CVE-2009-2363

nvd1 cvelist1 prion1