Lucene search

[email protected]CVE-2007-5709

HistoryOct 30, 2007 - 7:46 p.m.

CVE-2007-5709

2007-10-3019:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-5709

sony

sonicstage

connect player

buffer overflow

remote code execution

m3u file

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.163 Low

EPSS

Percentile

96.0%

JSON

Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to execute arbitrary code via a long file name in an M3U file.

Affected configurations

NVD

Node

sonysonicstage_connect_playerMatch4.3

CPENameOperatorVersion
sony:sonicstage_connect_playersony sonicstage connect playereq4.3

CPE	Name	Operator	Version
sony:sonicstage_connect_player	sony sonicstage connect player	eq	4.3

References

osvdb.org/41998

secunia.com/advisories/27270

www.securityfocus.com/bid/26241

exchange.xforce.ibmcloud.com/vulnerabilities/38160

www.exploit-db.com/exploits/4583

Social References

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.163 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2007-5709

prion1 cvelist1 jvn1 nvd1