Lucene search

K

[email protected]NVD:CVE-2010-2546

HistoryAug 05, 2010 - 1:22 p.m.

CVE-2010-2546

2010-08-0513:22:29

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.219 Low

EPSS

Percentile

96.5%

Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995.

Affected configurations

NVD

Node

raphael_assenatlibmikmodMatch3.1.12

References

secunia.com/advisories/40799

secunia.com/advisories/48244

security.gentoo.org/glsa/glsa-201203-10.xml

sourceforge.net/tracker/?func=detail&aid=3033086&group_id=40531&atid=428227

www.debian.org/security/2010/dsa-2081

www.mandriva.com/security/advisories?name=MDVSA-2010:151

www.securityfocus.com/bid/41917

www.vupen.com/english/advisories/2010/1957

bugzilla.redhat.com/show_bug.cgi?id=614643

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.219 Low

EPSS

Percentile

96.5%

Related for NVD:CVE-2010-2546

debian2 prion3 ubuntucve4 openvas25 debiancve3 cve3 securityvulns6 cvelist3 nessus18 osv1 nvd2 veracode2 ubuntu1 fedora2 gentoo1 seebug1 redhat1 centos1 oraclelinux1 altlinux1