9.3
CVE-2011-5165
- EPSS 37%
- Veröffentlicht 15.09.2012 17:55:04
- Zuletzt bearbeitet 16.06.2026 23:36:04
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginStack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cleanersoft ≫ Free Mp3 Cd Ripper Version <= 2.6
Cleanersoft ≫ Free Mp3 Cd Ripper Version1.1
Cleanersoft ≫ Free Mp3 Cd Ripper Version2.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 37% | 0.983 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/39193
http://www.exploit-db.com/exploits/11975
http://www.exploit-db.com/exploits/11976
http://www.exploit-db.com/exploits/17727
http://www.exploit-db.com/exploits/18142
http://www.osvdb.org/63349
http://www.securityfocus.com/bid/39672
https://www.exploit-db.com/exploits/36465/
https://www.exploit-db.com/exploits/36826/
https://www.exploit-db.com/exploits/36827/