CVE-2009-3201 - Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a deni

CVE-2009-3201

Summary

Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a denial of service (application crash) via a MIDI file (.mid) with a malformed header, which triggers a buffer overflow, a different vulnerability than CVE-2007-4940.

References

http://www.exploit-db.com/exploits/9620
http://www.securityfocus.com/bid/36333

Vulnerable Configurations

cpe:2.3:a:rob_schultz:media_player_classic:6.4.9:*:*:*:*:*:*:*
cpe:2.3:a:rob_schultz:media_player_classic:6.4.9:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 19-09-2017 - 01:29)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

refmap via4

bid	36333
exploit-db	9620

Last major update

19-09-2017 - 01:29

Published

15-09-2009 - 23:30

Last modified

19-09-2017 - 01:29