Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0182

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-0182
Last Modified 29 Jan 2009 02:01:07
Published 20 Jan 2009 11:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0182

Summary

Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line.

Vulnerable Systems

Application

  • Vuplayer 0.1

  • Vuplayer 0.2

  • Vuplayer 0.3

  • Vuplayer 0.4

  • Vuplayer 0.5

  • Vuplayer 0.6

  • Vuplayer 0.7

  • Vuplayer 0.8

  • Vuplayer 0.9

  • Vuplayer 1.0

  • Vuplayer 1.01

  • Vuplayer 1.04

  • Vuplayer 1.05

  • Vuplayer 1.1

  • Vuplayer 1.2

  • Vuplayer 1.3

  • Vuplayer 1.4

  • Vuplayer 1.5

  • Vuplayer 1.6

  • Vuplayer 1.7

  • Vuplayer 1.8

  • Vuplayer 1.9

  • Vuplayer 2.0

  • Vuplayer 2.01

  • Vuplayer 2.02

  • Vuplayer 2.03

  • Vuplayer 2.1

  • Vuplayer 2.11

  • Vuplayer 2.2

  • Vuplayer 2.21

  • Vuplayer 2.22

  • Vuplayer 2.23

  • Vuplayer 2.3

  • Vuplayer 2.4

  • Vuplayer 2.41

  • Vuplayer 2.42

  • Vuplayer 2.43

  • Vuplayer 2.44

  • Vuplayer 2.45

  • Vuplayer 2.46

  • Vuplayer 2.47

  • Vuplayer 2.48

  • Vuplayer 2.49


References

XF - vuplayer-fileline-bo(48170)

MILW0RM - 7695

SREASON - 4923


Last Updated: 27 May 2016 10:50:08