Lucene search
HistoryFeb 15, 2007 - 2:28 a.m.
CVE-2007-0949
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.1
Confidence
High
EPSS
0.167
Percentile
96.1%
Stack-based buffer overflow in iTinySoft Studio Total Video Player 1.03, and possibly earlier, allows remote attackers to execute arbitrary code via a M3U playlist file that contains a long file name. NOTE: it was later reported that 1.20 and 1.30 are also affected.
Affected configurations
Node
itinysoft_studiototal_video_playerRange≤1.03
| Vendor | Product | Version | CPE |
|---|---|---|---|
| itinysoft_studio | total_video_player | * | cpe:2.3:a:itinysoft_studio:total_video_player:*:*:*:*:*:*:*:* |
Related
prion
prion
Stack overflow
2007-02-15 02:28:00
exploitdb
exploitdb
Total Video Player 1.20 - '.m3u' File Local Stack Buffer Overflow
2008-02-07 00:00:00
Total Video Player 1.03 - '.m3u' File Local Buffer Overflow
2008-02-01 00:00:00
cvelist
cvelist
CVE-2007-0949
2007-02-15 02:00:00
securityvulns
securityvulns
iTinySoft Studio Total Video Player buffer overflow
2007-02-15 00:00:00
cve
cve
CVE-2007-0949
2007-02-15 02:28:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.1
Confidence
High
EPSS
0.167
Percentile
96.1%
Related for NVD:CVE-2007-0949