Lucene search

[email protected]CVE-2008-4087

HistorySep 15, 2008 - 5:12 p.m.

CVE-2008-4087

2008-09-1517:12:51

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-4087

buffer overflow

acoustica beatcraft

denial of service

arbitrary code execution

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%

JSON

Stack-based buffer overflow in Acoustica Beatcraft 1.02 Build 19 allows user-assisted attackers to cause a denial of service or execute arbitrary code via a Beatcraft Project (aka bcproj) file with a long string in a certain instruments title field.

Affected configurations

NVD

Node

acousticabeatcraftMatch1.02build_19

CPENameOperatorVersion
acoustica:beatcraftacoustica beatcrafteq1.02

CPE	Name	Operator	Version
acoustica:beatcraft	acoustica beatcraft	eq	1.02

References

secunia.com/advisories/31660

securityreason.com/securityalert/4259

www.securityfocus.com/bid/30938

exchange.xforce.ibmcloud.com/vulnerabilities/44794

www.exploit-db.com/exploits/6333

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%

JSON

Related for CVE-2008-4087

nvd1 prion1 cvelist1