Lucene search

[email protected]CVE-2009-2527

HistoryOct 14, 2009 - 10:30 a.m.

CVE-2009-2527

2009-10-1410:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-2527

heap-based overflow

microsoft windows media player

remote code execution

asf file

streaming content

vulnerability

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.794 High

EPSS

Percentile

98.3%

JSON

Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka “WMP Heap Overflow Vulnerability.”

CPENameOperatorVersion
microsoft:windows_media_playermicrosoft windows media playereq6.4

CPE	Name	Operator	Version
microsoft:windows_media_player	microsoft windows media player	eq	6.4

References

www.us-cert.gov/cas/techalerts/TA09-286A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-052

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6184

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.794 High

EPSS

Percentile

98.3%

JSON

Related for CVE-2009-2527

openvas2 prion1 nessus1 checkpoint_advisories2 seebug1 securityvulns2 cvelist1