Lucene search

K

[email protected]NVD:CVE-2007-6732

HistorySep 13, 2009 - 10:30 p.m.

CVE-2007-6732

2009-09-1322:30:00

CWE-119

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.044 Low

EPSS

Percentile

92.5%

Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the (1) pofs and (2) plen arrays.

Affected configurations

NVD

Node

claudio_matsuokaextended_module_playerRange≤2.5.1

OR

claudio_matsuokaextended_module_playerMatch2.2.0

OR

claudio_matsuokaextended_module_playerMatch2.2.1

OR

claudio_matsuokaextended_module_playerMatch2.3.0

OR

claudio_matsuokaextended_module_playerMatch2.3.1

OR

claudio_matsuokaextended_module_playerMatch2.3.2

OR

claudio_matsuokaextended_module_playerMatch2.4.0

OR

claudio_matsuokaextended_module_playerMatch2.4.1

OR

claudio_matsuokaextended_module_playerMatch2.5.0

References

aluigi.altervista.org/adv/xmpbof-adv.txt

www.securityfocus.com/bid/27047

www.vupen.com/english/advisories/2008/0009

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.044 Low

EPSS

Percentile

92.5%

Related for NVD:CVE-2007-6732

cve1 ubuntucve1 prion1 cvelist1 debiancve1 openvas4 fedora2 nessus2