Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1370

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-1370
Last Modified 23 Apr 2009 12:00:00
Published 22 Apr 2009 05:30:14
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1370

Summary

Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video Converter 3.1.53.0704n and 5.1.23.0402 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .cue file.

Vulnerable Systems

Application

  • Xilisoft Video Converter 3.1.53

  • Xilisoft Video Converter 5.1.23


References

XF - vcw-cue-bo(49807)

BID - 34472

MILW0RM - 8390

SECUNIA - 34660


Last Updated: 27 May 2016 10:50:32