Описание
Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.2.3 (включая)
Одно из
cpe:2.3:a:malsmith:serenity_audio_player:*:*:*:*:*:*:*:*
cpe:2.3:a:malsmith:serenity_audio_player:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:malsmith:serenity_audio_player:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:malsmith:serenity_audio_player:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:malsmith:serenity_audio_player:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:malsmith:serenity_audio_player:3.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.07999
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 92%
0.07999
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-119