Lucene search

[email protected]CVE-2017-8367

HistoryApr 30, 2017 - 7:59 p.m.

CVE-2017-8367

2017-04-3019:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2017-8367

buffer overflow

ether software

easy mov converter

denial of service

seh overwrite

security vulnerability

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.6%

JSON

Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner, MP3/WAV/OGG/WMA/AC3 to CD Burner, MP3 WAV to CD Burner, My Video Converter, Easy AVI DivX Converter, Easy Video to iPod Converter, Easy Video to PSP Converter, Easy Video to 3GP Converter, Easy Video to MP4 Converter, and Easy Video to iPod/MP4/PSP/3GP Converter allows local attackers to cause a denial of service (SEH overwrite) or possibly have unspecified other impact via a long username.

Affected configurations

NVD

Node

ether_softwareeasy_avi\/divx\/xvid_to_dvd_burnerMatch-

ether_softwareeasy_avi_divx_converterMatch-

ether_softwareeasy_cd_dvd_copyMatch-

ether_softwareeasy_dvd_creatorMatch-

ether_softwareeasy_mov_converterMatch-

ether_softwareeasy_mov_converterMatch1.4.24

ether_softwareeasy_mpeg\/avi\/divx\/wmv\/rm_to_dvdMatch-

ether_softwareeasy_mpeg_to_dvd_burnerMatch-

ether_softwareeasy_rm_rmvb_to_dvd_burnerMatch-

ether_softwareeasy_video_to_3gp_converterMatch-

ether_softwareeasy_video_to_ipod\/mp4\/psp\/3gp_converterMatch-

ether_softwareeasy_video_to_ipod_converterMatch-

ether_softwareeasy_video_to_mp4_converterMatch-

ether_softwareeasy_video_to_psp_converterMatch-

ether_softwareeasy_wmv\/asf\/asx_to_dvd_burnerMatch-

ether_softwaremp3\/avi\/mpeg\/wmv\/rm_to_audio_cd_burnerMatch-

ether_softwaremp3\/wav\/ogg\/wma\/ac3_to_cd_burnerMatch-

ether_softwaremp3_wav_to_cd_burnerMatch-

ether_softwaremy_video_converterMatch-

CPENameOperatorVersion
ether_software:easy_avi\/divx\/xvid_to_dvd_burnerether software easy avi/divx/xvid to dvd burnereq-
ether_software:easy_avi_divx_converterether software easy avi divx convertereq-
ether_software:easy_cd_dvd_copyether software easy cd dvd copyeq-
ether_software:easy_dvd_creatorether software easy dvd creatoreq-
ether_software:easy_mov_converterether software easy mov convertereq-
ether_software:easy_mov_converterether software easy mov convertereq1.4.24
ether_software:easy_mpeg\/avi\/divx\/wmv\/rm_to_dvdether software easy mpeg/avi/divx/wmv/rm to dvdeq-
ether_software:easy_mpeg_to_dvd_burnerether software easy mpeg to dvd burnereq-
ether_software:easy_rm_rmvb_to_dvd_burnerether software easy rm rmvb to dvd burnereq-
ether_software:easy_video_to_3gp_converterether software easy video to 3gp convertereq-

CPE	Name	Operator	Version
ether_software:easy_avi\/divx\/xvid_to_dvd_burner	ether software easy avi/divx/xvid to dvd burner	eq	-
ether_software:easy_avi_divx_converter	ether software easy avi divx converter	eq	-
ether_software:easy_cd_dvd_copy	ether software easy cd dvd copy	eq	-
ether_software:easy_dvd_creator	ether software easy dvd creator	eq	-
ether_software:easy_mov_converter	ether software easy mov converter	eq	-
ether_software:easy_mov_converter	ether software easy mov converter	eq	1.4.24
ether_software:easy_mpeg\/avi\/divx\/wmv\/rm_to_dvd	ether software easy mpeg/avi/divx/wmv/rm to dvd	eq	-
ether_software:easy_mpeg_to_dvd_burner	ether software easy mpeg to dvd burner	eq	-
ether_software:easy_rm_rmvb_to_dvd_burner	ether software easy rm rmvb to dvd burner	eq	-
ether_software:easy_video_to_3gp_converter	ether software easy video to 3gp converter	eq	-

Rows per page:

1-10 of 191

References

github.com/offensive-security/exploit-database/blob/master/platforms/windows/dos/41911.py

www.exploit-db.com/exploits/41911/

Social References

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.6%

JSON

Related for CVE-2017-8367

nvd1 cvelist1 prion1