Lucene search

[email protected]CVE-2009-4755

HistoryMar 29, 2010 - 6:30 p.m.

CVE-2009-4755

2010-03-2918:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-4755

mercury audio player

buffer overflow

remote code execution

nvd

vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.23 Low

EPSS

Percentile

96.6%

JSON

Multiple stack-based buffer overflows in Mercury Audio Player 1.21 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .b4s or (2) .pls playlist file.

Affected configurations

NVD

Node

mercuryaudioaudio_playerMatch1.21

CPENameOperatorVersion
mercuryaudio:audio_playermercuryaudio audio playereq1.21

CPE	Name	Operator	Version
mercuryaudio:audio_player	mercuryaudio audio player	eq	1.21

References

osvdb.org/54170

secunia.com/advisories/34957

www.exploit-db.com/exploits/8580

www.exploit-db.com/exploits/8582

www.securityfocus.com/bid/34788

exchange.xforce.ibmcloud.com/vulnerabilities/50288

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.23 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2009-4755

cvelist1 nvd1 prion1