Lucene search

PRIOn knowledge basePRION:CVE-2007-2498

HistoryMay 04, 2007 - 12:19 a.m.

Information disclosure

2007-05-0400:19:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.135 Low

EPSS

Percentile

95.4%

JSON

libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote attackers to execute arbitrary code via a certain .MP4 file. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
winampeq5.24
winampeq5.31
winampeq5.23
winampeq5.33
winampeq5.34
winampeq5.21
winampeq5.3
winampeq5.32
winampeq5.2
winampeq5.22

Name	Operator	Version
winamp	eq	5.24
winamp	eq	5.31
winamp	eq	5.23
winamp	eq	5.33
winamp	eq	5.34
winamp	eq	5.21
winamp	eq	5.3
winamp	eq	5.32
winamp	eq	5.2
winamp	eq	5.22

References

secunia.com/advisories/25089

securitytracker.com/id?1017993

www.securityfocus.com/bid/23723

www.vupen.com/english/advisories/2007/1594

exchange.xforce.ibmcloud.com/vulnerabilities/34030

www.exploit-db.com/exploits/3823

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.135 Low

EPSS

Percentile

95.4%

JSON

Related for PRION:CVE-2007-2498