CVE-2007-6558

EPSS 12.7%
Veröffentlicht 28.12.2007 00:46:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

TotalPlayer 3.0 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .m3u file.  NOTE: this might be a duplicate of CVE-2006-6288.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Totalplayer ≫ Totalplayer Version3.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	12.7%	0.937

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/archive/1/485547/100/100/threaded

http://www.securityfocus.com/archive/1/485564/100/100/threaded

http://www.securityfocus.com/archive/1/485578/100/100/threaded

http://osvdb.org/39891

http://secunia.com/advisories/28236

Vendor Advisory

http://securityreason.com/securityalert/3500

http://www.securityfocus.com/archive/1/485513/100/0/threaded

http://www.securityfocus.com/bid/27021

http://www.vupen.com/english/advisories/2007/4322

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/39227