Lucene search

[email protected]NVD:CVE-2009-4755

HistoryMar 29, 2010 - 6:30 p.m.

CVE-2009-4755

2010-03-2918:30:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.185

Percentile

96.3%

JSON

Multiple stack-based buffer overflows in Mercury Audio Player 1.21 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .b4s or (2) .pls playlist file.

Affected configurations

Nvd

Node

mercuryaudioaudio_playerMatch1.21

VendorProductVersionCPE
mercuryaudioaudio_player1.21cpe:2.3:a:mercuryaudio:audio_player:1.21:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mercuryaudio	audio_player	1.21	cpe:2.3:a:mercuryaudio:audio_player:1.21:::::::*

References

osvdb.org/54170

secunia.com/advisories/34957

www.exploit-db.com/exploits/8580

www.exploit-db.com/exploits/8582

www.securityfocus.com/bid/34788

exchange.xforce.ibmcloud.com/vulnerabilities/50288

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.185

Percentile

96.3%

JSON

Related for NVD:CVE-2009-4755

cve1 cvelist1 exploitdb1 prion1