9.3
CVE-2009-0476
- EPSS 37.04%
- Veröffentlicht 08.02.2009 21:30:09
- Zuletzt bearbeitet 16.06.2026 23:05:07
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginStack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Multimediasoft ≫ Audio Dj Studio For .Net Version-
Multimediasoft ≫ Audio Sound Editer For .Net Version-
Multimediasoft ≫ Audio Sound Recorder For .Net Version-
Multimediasoft ≫ Audio Sound Studio For .Net Version-
Multimediasoft ≫ Audio Sound Suite For .Net Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 37.04% | 0.983 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/33791
http://secunia.com/advisories/33817
http://www.securityfocus.com/archive/1/500652/100/0/threaded
http://www.securityfocus.com/bid/33589
http://www.vupen.com/english/advisories/2009/0316
https://www.exploit-db.com/exploits/7958
https://www.exploit-db.com/exploits/7973
https://www.exploit-db.com/exploits/7974