CVE-2009-0476
Published Feb 8, 2009
Last updated 6 years ago
Overview
- Description
- Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:multimediasoft:audio_dj_studio_for_.net:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF5636AC-D0E1-4390-93B2-E3ADCC471A36"
},
{
"criteria": "cpe:2.3:a:multimediasoft:audio_sound_editer_for_.net:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D4D4B16-2810-48EA-B8EB-A1359AD1BD15"
},
{
"criteria": "cpe:2.3:a:multimediasoft:audio_sound_recorder_for_.net:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3BA5495-6851-4CD6-A4E3-EB37B0B7E246"
},
{
"criteria": "cpe:2.3:a:multimediasoft:audio_sound_studio_for_.net:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF14BA0A-66B3-4DA2-8989-D7F988DAD4A6"
},
{
"criteria": "cpe:2.3:a:multimediasoft:audio_sound_suite_for_.net:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06B49DAC-FE92-491A-998F-B3A75B4EAC6D"
}
],
"operator": "OR"
}
]
}
]