CVE-2009-2550

Опубликовано: 20 июл. 2009

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .hpl playlist file.

Ссылки

http://osvdb.org/55871
Broken Link
http://secunia.com/advisories/35825
Broken Link
Vendor Advisory
http://www.exploit-db.com/exploits/9157
Third Party Advisory
VDB Entry
http://www.exploit-db.com/exploits/9172
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/51732
Third Party Advisory
VDB Entry
http://osvdb.org/55871
Broken Link
http://secunia.com/advisories/35825
Broken Link
Vendor Advisory
http://www.exploit-db.com/exploits/9157
Third Party Advisory
VDB Entry
http://www.exploit-db.com/exploits/9172
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/51732
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ondanera:hamster_audio_player:0.3a:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.21198

Средний

9.3 Critical

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-vwxj-c2x7-fp2v

github

почти 4 года назад