Lucene search

[email protected]CVE-2010-2311

HistoryJun 16, 2010 - 8:30 p.m.

CVE-2010-2311

2010-06-1620:30:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-2311

stack-based buffer overflow

power tab editor

arbitrary code execution

user-assisted

remote attackers

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.205 Low

EPSS

Percentile

96.4%

JSON

Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows user-assisted remote attackers to execute arbitrary code via a .ptb file with a long font name.

Affected configurations

NVD

Node

power-tabpower_tab_editorMatch1.7.0.80

CPENameOperatorVersion
power-tab:power_tab_editorpower-tab power tab editoreq1.7.0.80

CPE	Name	Operator	Version
power-tab:power_tab_editor	power-tab power tab editor	eq	1.7.0.80

References

osvdb.org/65482

secunia.com/advisories/40216

www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-049-power-tab-editor-v1-7-build-80-buffer-overflow/

www.exploit-db.com/exploits/13820

exchange.xforce.ibmcloud.com/vulnerabilities/59377

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.205 Low

EPSS

Percentile

96.4%

JSON

Related for CVE-2010-2311

cvelist1 nvd1 prion1