Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/165489/VUPlayer-2.49-Buffer-Overflow.html | Exploit Third Party Advisory VDB Entry |
http://securityreason.com/securityalert/4923 | Exploit Third Party Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/48170 | Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/7695 | Exploit Third Party Advisory VDB Entry |
http://packetstormsecurity.com/files/165489/VUPlayer-2.49-Buffer-Overflow.html | Exploit Third Party Advisory VDB Entry |
http://securityreason.com/securityalert/4923 | Exploit Third Party Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/48170 | Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/7695 | Exploit Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 00:59
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/165489/VUPlayer-2.49-Buffer-Overflow.html - Exploit, Third Party Advisory, VDB Entry | |
References | () http://securityreason.com/securityalert/4923 - Exploit, Third Party Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/48170 - Third Party Advisory, VDB Entry | |
References | () https://www.exploit-db.com/exploits/7695 - Exploit, Third Party Advisory, VDB Entry |
22 Apr 2022, 18:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:vuplayer:vuplayer:1.8:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.45:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.21:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.0:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.22:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.11:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.48:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.41:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.23:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.42:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.9:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:0.5:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.1:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:0.2:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.2:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:0.6:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.4:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.2:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.47:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.04:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.0:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.01:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.3:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:0.3:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:0.8:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.3:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.05:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:0.4:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:0.7:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.1:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.7:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:0.1:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.46:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:0.9:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.43:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.5:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.4:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.02:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.01:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:1.6:*:*:*:*:*:*:* cpe:2.3:a:vuplayer:vuplayer:2.44:*:*:*:*:*:*:* |
|
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 8.8 |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/48170 - Third Party Advisory, VDB Entry | |
References | (SREASON) http://securityreason.com/securityalert/4923 - Exploit, Third Party Advisory | |
References | (EXPLOIT-DB) https://www.exploit-db.com/exploits/7695 - Exploit, Third Party Advisory, VDB Entry | |
References | (MISC) http://packetstormsecurity.com/files/165489/VUPlayer-2.49-Buffer-Overflow.html - Exploit, Third Party Advisory, VDB Entry |
10 Jan 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2009-01-20 16:30
Updated : 2024-11-21 00:59
NVD link : CVE-2009-0182
Mitre link : CVE-2009-0182
CVE.ORG link : CVE-2009-0182
JSON object : View
Products Affected
vuplayer
- vuplayer
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')