Lucene search

[email protected]CVE-2009-2550

HistoryJul 20, 2009 - 8:00 p.m.

CVE-2009-2550

2009-07-2020:00:13

CWE-787

[email protected]

web.nvd.nist.gov

cve-2009-2550

buffer overflow

hamster audio player

security vulnerability

remote code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .hpl playlist file.

Affected configurations

NVD

Node

ondanerahamster_audio_playerMatch0.3a

CPENameOperatorVersion
ondanera:hamster_audio_playerondanera hamster audio playereq0.3a

CPE	Name	Operator	Version
ondanera:hamster_audio_player	ondanera hamster audio player	eq	0.3a

References

osvdb.org/55871

secunia.com/advisories/35825

www.exploit-db.com/exploits/9157

www.exploit-db.com/exploits/9172

exchange.xforce.ibmcloud.com/vulnerabilities/51732

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

Related for CVE-2009-2550

prion1 cvelist1 nvd1 openvas2