CVE-2009-1608

Опубликовано: 11 мая 2009

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly earlier versions allow user-assisted remote attackers to execute arbitrary code via a .MCP project file with long (1) FILE_INFO, (2) CAT_FILTERS, and possibly other fields.

Ссылки

http://osvdb.org/54370
http://secunia.com/advisories/35054
Vendor Advisory
http://security.bkis.vn/?p=654
http://www.securityfocus.com/archive/1/503400/100/0/threaded
http://www.securityfocus.com/bid/34897
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/50418
https://exchange.xforce.ibmcloud.com/vulnerabilities/50419
http://osvdb.org/54370
http://secunia.com/advisories/35054
Vendor Advisory
http://security.bkis.vn/?p=654
http://www.securityfocus.com/archive/1/503400/100/0/threaded
http://www.securityfocus.com/bid/34897
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/50418
https://exchange.xforce.ibmcloud.com/vulnerabilities/50419

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microchip:mplab_ide:8.30:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.07912

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-7c54-g2rx-pfv3

github

почти 4 года назад