Lucene search

[email protected]CVE-2011-5003

HistoryDec 25, 2011 - 1:55 a.m.

CVE-2011-5003

2011-12-2501:55:03

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-5003

avid media composer

buffer overflow

remote code execution

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.911 High

EPSS

Percentile

98.9%

JSON

Stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndexer.exe) in Avid Media Composer 5.5.3 and earlier allows remote attackers to execute arbitrary code via a long request to TCP port 4659.

Affected configurations

NVD

Node

avidmedia_composerRange≤5.5.3

CPENameOperatorVersion
avid:media_composeravid media composerle5.5.3

CPE	Name	Operator	Version
avid:media_composer	avid media composer	le	5.5.3

References

secunia.com/advisories/47047

www.exploit-db.com/exploits/18183

www.osvdb.org/77376

www.security-assessment.com/files/documents/advisory/Avid_Media_Composer-Phonetic_Indexer-Remote_Stack_Buffer_Overflow.pdf

www.securityfocus.com/bid/50843

exchange.xforce.ibmcloud.com/vulnerabilities/71514

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.911 High

EPSS

Percentile

98.9%

JSON

Related for CVE-2011-5003

prion1 nvd1 cvelist1 checkpoint_advisories1