Lucene search

[email protected]CVE-2009-2403

HistoryJul 09, 2009 - 4:30 p.m.

CVE-2009-2403

2009-07-0916:30:00

CWE-787

[email protected]

web.nvd.nist.gov

cve-2009-2403

scmpx

buffer overflow

denial of service

remote attackers

arbitrary code

m3u playlist file

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.4%

JSON

Heap-based buffer overflow in SCMPX 1.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long string in a .m3u playlist file.

Affected configurations

NVD

Node

shinjichibascmpxMatch1.5.1windows

CPENameOperatorVersion
shinjichiba:scmpxshinjichiba scmpxeq1.5.1

CPE	Name	Operator	Version
shinjichiba:scmpx	shinjichiba scmpx	eq	1.5.1

References

secunia.com/advisories/35596

www.exploit-db.com/exploits/9033

www.vupen.com/english/advisories/2009/1729

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.4%

JSON

Related for CVE-2009-2403

nvd1 prion1 cvelist1