CVE-2011-5003

Опубликовано: 25 дек. 2011

Источник: nvd

CVSS2: 10

EPSS Высокий

Описание

Stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndexer.exe) in Avid Media Composer 5.5.3 and earlier allows remote attackers to execute arbitrary code via a long request to TCP port 4659.

Ссылки

http://secunia.com/advisories/47047
Vendor Advisory
http://www.exploit-db.com/exploits/18183
http://www.osvdb.org/77376
http://www.security-assessment.com/files/documents/advisory/Avid_Media_Composer-Phonetic_Indexer-Remote_Stack_Buffer_Overflow.pdf
http://www.securityfocus.com/bid/50843
https://exchange.xforce.ibmcloud.com/vulnerabilities/71514
http://secunia.com/advisories/47047
Vendor Advisory
http://www.exploit-db.com/exploits/18183
http://www.osvdb.org/77376
http://www.security-assessment.com/files/documents/advisory/Avid_Media_Composer-Phonetic_Indexer-Remote_Stack_Buffer_Overflow.pdf
http://www.securityfocus.com/bid/50843
https://exchange.xforce.ibmcloud.com/vulnerabilities/71514

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:avid:media_composer:*:*:*:*:*:*:*:*

Версия до 5.5.3 (включая)

EPSS

Процентиль: 99%

0.73341

Высокий

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-mxg3-5hmw-28wr

github

больше 3 лет назад