Lucene search

[email protected]CVE-2009-4863

HistoryMay 11, 2010 - 12:02 p.m.

CVE-2009-4863

2010-05-1112:02:09

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-4863

ultraplayer

media player

buffer overflow

remote code execution

usk file

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.238 Low

EPSS

Percentile

96.6%

JSON

Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows remote attackers to execute arbitrary code via a long string in a .usk file.

Affected configurations

NVD

Node

ultraplayerultraplayer_media_playerMatch2.112

CPENameOperatorVersion
ultraplayer:ultraplayer_media_playerultraplayer ultraplayer media playereq2.112

CPE	Name	Operator	Version
ultraplayer:ultraplayer_media_player	ultraplayer ultraplayer media player	eq	2.112

References

www.exploit-db.com/exploits/9368

www.securityfocus.com/bid/35956

www.vupen.com/english/advisories/2009/2160

exchange.xforce.ibmcloud.com/vulnerabilities/52281

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7438

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.238 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2009-4863

cvelist1 nvd1 openvas2 prion1