CVE-2009-0182

Опубликовано: 20 янв. 2009

Источник: nvd

CVSS3: 8.8

CVSS2: 9.3

EPSS Высокий

Описание

Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line.

Ссылки

http://packetstormsecurity.com/files/165489/VUPlayer-2.49-Buffer-Overflow.html
Exploit
Third Party Advisory
VDB Entry
http://securityreason.com/securityalert/4923
Exploit
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/48170
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/7695
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/165489/VUPlayer-2.49-Buffer-Overflow.html
Exploit
Third Party Advisory
VDB Entry
http://securityreason.com/securityalert/4923
Exploit
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/48170
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/7695
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vuplayer:vuplayer:*:*:*:*:*:*:*:*

Версия до 2.49 (включая)

EPSS

Процентиль: 99%

0.79024

Высокий

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-120

Связанные уязвимости

GHSA-f9p2-88mm-74g3