CVE-2009-2550 - Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote attackers to execute arbitrar

CVE-2009-2550

Summary

Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .hpl playlist file.

References

http://osvdb.org/55871
http://secunia.com/advisories/35825
https://exchange.xforce.ibmcloud.com/vulnerabilities/51732
http://www.exploit-db.com/exploits/9172
http://www.exploit-db.com/exploits/9157

Vulnerable Configurations

cpe:2.3:a:ondanera:hamster_audio_player:0.3a:*:*:*:*:*:*:*
cpe:2.3:a:ondanera:hamster_audio_player:0.3a:*:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 14-02-2024 - 17:21)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

exploit-db	9157 9172
osvdb	55871
secunia	35825
xf	hamster-m3u-hpl-bo(51732)

Last major update

14-02-2024 - 17:21

Published

20-07-2009 - 20:00

Last modified

14-02-2024 - 17:21