Lucene search

[email protected]CVE-2009-2568

HistoryJul 22, 2009 - 5:30 p.m.

CVE-2009-2568

2009-07-2217:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-2568

sorinara streaming audio player

sap

buffer overflow

remote code execution

playlist

nvd

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.078 Low

EPSS

Percentile

94.3%

JSON

Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0.9 allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file.

Affected configurations

NVD

Node

sorinarastreaming_audio_playerMatch0.9

CPENameOperatorVersion
sorinara:streaming_audio_playersorinara streaming audio playereq0.9

CPE	Name	Operator	Version
sorinara:streaming_audio_player	sorinara streaming audio player	eq	0.9

References

www.exploit-db.com/exploits/8617

www.exploit-db.com/exploits/8620

www.securityfocus.com/bid/34842

exchange.xforce.ibmcloud.com/vulnerabilities/50339

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.078 Low

EPSS

Percentile

94.3%

JSON

Related for CVE-2009-2568

cvelist1 nvd1 prion1 openvas2