Lucene search

FlexeraCVE-2013-3259

HistoryMar 03, 2014 - 4:55 p.m.

CVE-2013-3259

2014-03-0316:55:03

CWE-119

flexera

web.nvd.nist.gov

cve

2013

3259

stack-based buffer overflow

inmatrix zoom player

arbitrary code execution

bmp file

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

High

EPSS

0.054

Percentile

93.2%

JSON

Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file.

Affected configurations

Nvd

Node

inmatrixzoom_playerRange≤8.6.1

inmatrixzoom_playerMatch8.00

inmatrixzoom_playerMatch8.1.1

inmatrixzoom_playerMatch8.1.5

inmatrixzoom_playerMatch8.1.6

inmatrixzoom_playerMatch8.5

inmatrixzoom_playerMatch8.6

inmatrixzoom_playerMatch8.10

VendorProductVersionCPE
inmatrixzoom_player*cpe:2.3:a:inmatrix:zoom_player:*:*:*:*:*:*:*:*
inmatrixzoom_player8.00cpe:2.3:a:inmatrix:zoom_player:8.00:*:*:*:*:*:*:*
inmatrixzoom_player8.1.1cpe:2.3:a:inmatrix:zoom_player:8.1.1:*:*:*:*:*:*:*
inmatrixzoom_player8.1.5cpe:2.3:a:inmatrix:zoom_player:8.1.5:*:*:*:*:*:*:*
inmatrixzoom_player8.1.6cpe:2.3:a:inmatrix:zoom_player:8.1.6:*:*:*:*:*:*:*
inmatrixzoom_player8.5cpe:2.3:a:inmatrix:zoom_player:8.5:*:*:*:*:*:*:*
inmatrixzoom_player8.6cpe:2.3:a:inmatrix:zoom_player:8.6:*:*:*:*:*:*:*
inmatrixzoom_player8.10cpe:2.3:a:inmatrix:zoom_player:8.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
inmatrix	zoom_player	*	cpe:2.3:a:inmatrix:zoom_player::::::::
inmatrix	zoom_player	8.00	cpe:2.3:a:inmatrix:zoom_player:8.00:::::::*
inmatrix	zoom_player	8.1.1	cpe:2.3:a:inmatrix:zoom_player:8.1.1:::::::*
inmatrix	zoom_player	8.1.5	cpe:2.3:a:inmatrix:zoom_player:8.1.5:::::::*
inmatrix	zoom_player	8.1.6	cpe:2.3:a:inmatrix:zoom_player:8.1.6:::::::*
inmatrix	zoom_player	8.5	cpe:2.3:a:inmatrix:zoom_player:8.5:::::::*
inmatrix	zoom_player	8.6	cpe:2.3:a:inmatrix:zoom_player:8.6:::::::*
inmatrix	zoom_player	8.10	cpe:2.3:a:inmatrix:zoom_player:8.10:::::::*

References

osvdb.org/94037

secunia.com/advisories/52698

www.securityfocus.com/bid/60418

exchange.xforce.ibmcloud.com/vulnerabilities/84835

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

High

EPSS

0.054

Percentile

93.2%

JSON

Related for CVE-2013-3259