CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
96.5%
Sony SonicStage CP is software for music management. SonicStage CP contains a vulnerability that can be exploited to cause a buffer overflow when importing a specially crafted playlist file with the .m3u extension.
Importing a specially crafted playlist file with the .m3u extension can cause a buffer overflow, allowing a remote attacker to crash SonicStage CP and at the same time execute arbitrary code on the affected system.
Update the Software
Apply the latest update provided by the vendor.
For more information, refer to the vendor’s website.