CVE-2007-6609

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:Buffer Error
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 31/12/07 - Updated on 08/08/17

Description

Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function in CPI_PlaylistItem.c in CoolPlayer 217 and earlier allow user-assisted remote attackers to execute arbitrary code via a long (1) cTag or (2) cValue field in an OGG Vorbis file.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2007-6609

Exploits

Exploit-DBEDB-30956
SecurityFocusBID-27061

Relative technologies

VendorProduct
coolplayercoolplayer

Share this vulnerability with:

Twitter Facebook LinkedIn Mail