Lucene search

[email protected]CVE-2009-3811

HistoryOct 27, 2009 - 4:30 p.m.

CVE-2009-3811

2009-10-2716:30:00

CWE-119

[email protected]

web.nvd.nist.gov

music tag editor

cve-2009-3811

buffer overflow

remote code execution

mp3

id3 tag

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.109 Low

EPSS

Percentile

95.1%

JSON

Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

assistanttoolsmusic_tag_editorMatch1.61

CPENameOperatorVersion
assistanttools:music_tag_editorassistanttools music tag editoreq1.61

CPE	Name	Operator	Version
assistanttools:music_tag_editor	assistanttools music tag editor	eq	1.61

References

liquidworm.blogspot.com/2009/07/music-tag-editor-161-build-212-remote.html

osvdb.org/55861

secunia.com/advisories/35828

www.exploit-db.com/exploits/9167

exchange.xforce.ibmcloud.com/vulnerabilities/51724

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.109 Low

EPSS

Percentile

95.1%

JSON

Related for CVE-2009-3811

prion1 nvd1 zeroscience1 cvelist1