Heap overflow

2009-10-2716:30:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

Low

0.166 Low

EPSS

Percentile

96.1%

JSON

Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio trial version 1.85.64.0, TV trial version 1.85.64.0, and Free version 1.77.001 allows remote attackers to execute arbitrary code via a long playlist in an Ots File List (.ofl) file.

CPENameOperatorVersion
otsav_djeq1.85.64.0 trial
otsav_radioeq1.85.64.0 trial
otsav_tveq1.85.64.0 trial

Name	Operator	Version
otsav_dj	eq	1.85.64.0 trial
otsav_radio	eq	1.85.64.0 trial
otsav_tv	eq	1.85.64.0 trial

References

osvdb.org/55747

packetstormsecurity.org/0907-exploits/otsav-overflow.txt

secunia.com/advisories/35738

www.vupen.com/english/advisories/2009/1861

exchange.xforce.ibmcloud.com/vulnerabilities/51628

www.exploit-db.com/exploits/9113