Lucene search

[email protected]CVE-2009-2934

HistoryAug 21, 2009 - 8:30 p.m.

CVE-2009-2934

2009-08-2120:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-2934

xaudio.dll

buffer overflow

remote code execution

pipl 2.5.0

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON

Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlist file.

Affected configurations

NVD

Node

programmedintegrationpiplMatch2.5.0

programmedintegrationpiplMatch2.5.0d

CPENameOperatorVersion
programmedintegration:piplprogrammedintegration pipleq2.5.0
programmedintegration:piplprogrammedintegration pipleq2.5.0d

CPE	Name	Operator	Version
programmedintegration:pipl	programmedintegration pipl	eq	2.5.0
programmedintegration:pipl	programmedintegration pipl	eq	2.5.0d

References

osvdb.org/56996

secunia.com/advisories/36297

www.exploit-db.com/exploits/9428

exchange.xforce.ibmcloud.com/vulnerabilities/52440

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON

Related for CVE-2009-2934

prion1 nvd1 cvelist1