Lucene search

[email protected]CVE-2010-2329

HistoryJun 18, 2010 - 8:30 p.m.

CVE-2010-2329

2010-06-1820:30:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-2329

buffer overflow

rosoft audio converter

remote code execution

.m3u file

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.222 Low

EPSS

Percentile

96.5%

JSON

Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code via a long playlist entry in a .m3u file.

Affected configurations

NVD

Node

rosoftengineeringrosoft_audio_converterMatch4.4.4

CPENameOperatorVersion
rosoftengineering:rosoft_audio_converterrosoftengineering rosoft audio convertereq4.4.4

CPE	Name	Operator	Version
rosoftengineering:rosoft_audio_converter	rosoftengineering rosoft audio converter	eq	4.4.4

References

osvdb.org/65542

packetstormsecurity.org/1006-exploits/rosoft444-overflow.txt

secunia.com/advisories/40195

www.exploit-db.com/exploits/13895

www.securityfocus.com/bid/40878

exchange.xforce.ibmcloud.com/vulnerabilities/59483

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.222 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2010-2329

nvd1 openvas2 prion1 cvelist1