Lucene search

[email protected]CVE-2006-4235

HistoryAug 21, 2006 - 6:04 p.m.

CVE-2006-4235

2006-08-2118:04:00

[email protected]

web.nvd.nist.gov

cve-2006-4235

buffer overflow

sony sonicstage

remote code execution

smp file

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

High

0.353 Low

EPSS

Percentile

97.2%

JSON

Buffer overflow in the import project functionality in Sony SonicStage Mastering Studio 1.1.00 through 2.2.01 allows remote attackers to execute arbitrary code via a crafted SMP file.

Affected configurations

NVD

Node

sonysonicstage_mastering_studioMatch1.1.00

sonysonicstage_mastering_studioMatch1.2.00

sonysonicstage_mastering_studioMatch1.2.01

sonysonicstage_mastering_studioMatch1.2.02

sonysonicstage_mastering_studioMatch1.3.00

sonysonicstage_mastering_studioMatch1.4.00

sonysonicstage_mastering_studioMatch1.4.01

sonysonicstage_mastering_studioMatch1.4.02

sonysonicstage_mastering_studioMatch1.4.03

sonysonicstage_mastering_studioMatch2.0.00

sonysonicstage_mastering_studioMatch2.1.00

sonysonicstage_mastering_studioMatch2.1.01

sonysonicstage_mastering_studioMatch2.2.01

CPENameOperatorVersion
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq1.1.00
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq1.2.00
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq1.2.01
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq1.2.02
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq1.3.00
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq1.4.00
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq1.4.01
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq1.4.02
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq1.4.03
sony:sonicstage_mastering_studiosony sonicstage mastering studioeq2.0.00

CPE	Name	Operator	Version
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	1.1.00
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	1.2.00
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	1.2.01
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	1.2.02
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	1.3.00
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	1.4.00
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	1.4.01
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	1.4.02
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	1.4.03
sony:sonicstage_mastering_studio	sony sonicstage mastering studio	eq	2.0.00

Rows per page:

1-10 of 131

References

kb.sony-europe.com/KB/Solutions/EN/V00000_V00499/v00244.html

secunia.com/advisories/21510

www.kb.cert.org/vuls/id/697761

www.osvdb.org/27966

www.pentest.co.uk/documents/ptl-2006-01.html

www.securityfocus.com/bid/19558

www.vupen.com/english/advisories/2006/3286

exchange.xforce.ibmcloud.com/vulnerabilities/28421

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

High

0.353 Low

EPSS

Percentile

97.2%

JSON

Related for CVE-2006-4235

cvelist1 nvd1