CVE-2013-3259

Published Mar 3, 2014

Last updated 3 months ago

CVSS info 6.8

Overview

Description: Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file.
Source: PSIRT-CNA@flexerasoftware.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:inmatrix:zoom_player:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "685323F8-E7B2-4B7C-B036-02C3C4CD5B37",
            "versionEndIncluding": "8.6.1"
          },
          {
            "criteria": "cpe:2.3:a:inmatrix:zoom_player:8.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "818A714F-D2D8-4F3F-AF5F-5939C3B3BA1C"
          },
          {
            "criteria": "cpe:2.3:a:inmatrix:zoom_player:8.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CA87325-3920-4761-A3E2-A5E1A93490DE"
          },
          {
            "criteria": "cpe:2.3:a:inmatrix:zoom_player:8.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "333C7306-AD91-4594-8406-C22AB6A0EA83"
          },
          {
            "criteria": "cpe:2.3:a:inmatrix:zoom_player:8.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AB1D0D3-05E1-43C8-B611-6C01D193E57F"
          },
          {
            "criteria": "cpe:2.3:a:inmatrix:zoom_player:8.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2435104-86EA-42F0-B0A1-52F6C4843006"
          },
          {
            "criteria": "cpe:2.3:a:inmatrix:zoom_player:8.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39C9BF54-8EAE-40CA-A814-6AF66FB98020"
          },
          {
            "criteria": "cpe:2.3:a:inmatrix:zoom_player:8.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "221AE60F-31CE-42FF-AC92-9D8665DE136B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References