Lucene search
MitreCVE-2009-3170HistorySep 11, 2009 - 8:30 p.m.
CVE-2009-3170
2009-09-1120:30:00
CWE-119
mitre
web.nvd.nist.gov
31
cve-2009-3170
aimp2
audio converter
buffer overflow
denial of service
remote code execution
nvd
vulnerability
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
8.6
Confidence
High
EPSS
0.05
Percentile
92.9%
Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a (1) .pls or (2) .m3u playlist file.
Affected configurations
Node
aimpaimp2_audio_converterRange≤2.53
| Vendor | Product | Version | CPE |
|---|---|---|---|
| aimp | aimp2_audio_converter | * | cpe:2.3:a:aimp:aimp2_audio_converter:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2009-3170
2009-09-11 20:00:00
nvd
nvd
CVE-2009-3170
2009-09-11 20:30:00
exploitdb
exploitdb
AIMP2 Audio Converter 2.53b330 - '.pls' / '.m3u' Unicode Crash (PoC)
2009-09-01 00:00:00
AIMP2 Audio Converter 2.53 build 330 - Playlist '.pls' Unicode Buffer Overflow
2009-11-21 00:00:00
AIMP2 Audio Converter - Playlist Overflow (SEH)
2009-11-16 00:00:00
zdt
zdt
AIMP2 Audio Converter <= 2.53 build 330 Playlist (.pls) Unicode BOF
2009-11-21 00:00:00
prion
prion
Stack overflow
2009-09-11 20:30:00
openvas
openvas
AIMP ID3 Tag Buffer Overflow Vulnerability
2009-07-07 00:00:00
AIMP ID3 Tag Buffer Overflow Vulnerability
2009-07-07 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
8.6
Confidence
High
EPSS
0.05
Percentile
92.9%
Related for CVE-2009-3170