Lucene search

[email protected]CVE-2009-3221

HistorySep 16, 2009 - 7:30 p.m.

CVE-2009-3221

2009-09-1619:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-3221

buffer overflow

audio lib player

alp

remote code execution

url

m3u

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.164 Low

EPSS

Percentile

96.0%

JSON

Stack-based buffer overflow in Audio Lib Player (ALP) allows remote attackers to execute arbitrary code via a long URL in a .m3u playlist file.

Affected configurations

NVD

Node

basicunivers.free.fraudio_lib_player

CPENameOperatorVersion
basicunivers.free.fr:audio_lib_playerbasicunivers.free.fr audio lib playereq*

CPE	Name	Operator	Version
basicunivers.free.fr:audio_lib_player	basicunivers.free.fr audio lib player	eq	*

References

packetstormsecurity.org/0907-exploits/alp-overflow.txt

secunia.com/advisories/35867

www.osvdb.org/56047

www.vupen.com/english/advisories/2009/1963

exchange.xforce.ibmcloud.com/vulnerabilities/51873

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.164 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2009-3221

prion1 cvelist1 nvd1