Lucene search

MitreCVE-2013-7186

HistoryDec 20, 2013 - 11:55 p.m.

CVE-2013-7186

2013-12-2023:55:05

CWE-119

mitre

web.nvd.nist.gov

cve-2013-7186

buffer overflow

steinberg mymp3pro 5.0

remote code execution

.m3u file

security vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.283

Percentile

96.9%

JSON

Buffer overflow in Steinberg MyMp3PRO 5.0 (Build 5.1.0.21) allows remote attackers to execute arbitrary code via a long string in a .m3u file.

Affected configurations

Nvd

Node

steinbergmymp3proMatch5.0

VendorProductVersionCPE
steinbergmymp3pro5.0cpe:2.3:a:steinberg:mymp3pro:5.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
steinberg	mymp3pro	5.0	cpe:2.3:a:steinberg:mymp3pro:5.0:::::::*

References

packetstormsecurity.com/files/124282

packetstormsecurity.com/files/124283

packetstormsecurity.com/files/124284

www.exploit-db.com/exploits/30032

exchange.xforce.ibmcloud.com/vulnerabilities/89454

exchange.xforce.ibmcloud.com/vulnerabilities/89468

exchange.xforce.ibmcloud.com/vulnerabilities/89469

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.283

Percentile

96.9%

JSON

Related for CVE-2013-7186