Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4648

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-4648
Last Modified 05 Sep 2008 04:57:26
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-4648

Summary

Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earlier, possibly including (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe, allows user-assisted attackers to cause a denial of service or execute arbitrary code via a .m3u playlist with a long entry, possibly involving large field names, as demonstrated by SecuBox.Labs.m3u. NOTE: this issue might be the same as the .m3u vulnerability in CVE-2004-1569, but if so, then CD:SF-LOC suggests creating a different identifier since the .m3u issue would affect different versions than the .pls issue.

Vulnerable Systems

Application

  • Illustrate Dbpoweramp Music Converter 11.5


References

SECTRACK - 1015415

MISC - http://secubox.shadock.net/dBpowerAMP_Music_Converter_v11.5_Local_Buffer_Overflow_Issue.html


Last Updated: 27 May 2016 10:41:22