Lucene search

[email protected]CVE-2009-3428

HistorySep 25, 2009 - 10:30 p.m.

CVE-2009-3428

2009-09-2522:30:16

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-3428

easy music player

buffer overflow

remote code execution

.wav file

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON

Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file.

Affected configurations

NVD

Node

otbcodeeasy_music_playerMatch1.0.0.2

CPENameOperatorVersion
otbcode:easy_music_playerotbcode easy music playereq1.0.0.2

CPE	Name	Operator	Version
otbcode:easy_music_player	otbcode easy music player	eq	1.0.0.2

References

secunia.com/advisories/36267

www.exploit-db.com/exploits/9412

www.exploit-db.com/exploits/9418

www.exploit-db.com/exploits/9420

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON

Related for CVE-2009-3428

prion1 nvd1 cvelist1