CVSS: 9.3EPSS: 18%CPEs: 1EXPL: 4CVE-2009-4755 – Mercury Audio Player 1.21 - '.b4s' Local Stack Overflow
https://notcve.org/view.php?id=CVE-2009-4755
Multiple stack-based buffer overflows in Mercury Audio Player 1.21 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .b4s or (2) .pls playlist file. Varios desbordamientos de búfer basados en pila en Mercury Audio Player v1.21 permiten a atacantes remotos ejecutar código de su elección a través de una cadena de texto extensa en un fichero de lista de reproducción (1) .b4s o (2) .pls malformado. • https://www.exploit-db.com/exploits/8580 http://osvdb.org/54170 http://secunia.com/advisories/34957 http://www.exploit-db.com/exploits/8580 http://www.exploit-db.com/exploits/8582 http://www.securityfocus.com/bid/34788 https://exchange.xforce.ibmcloud.com/vulnerabilities/50288 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 13%CPEs: 1EXPL: 5CVE-2009-4754 – Mercury Audio Player 1.21 - '.m3u' Local Stack Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-4754
Stack-based buffer overflow in Mercury Audio Player 1.21 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. Desbordamiento de búfer basado en pila en Mercury Audio Player v1.21 permite a atacantes remotos ejecutar código de su elección a través de una cadena de texto extensa en un fichero de lista de reproducción (.m3u) mal formado. • https://www.exploit-db.com/exploits/8578 https://www.exploit-db.com/exploits/8583 http://secunia.com/advisories/34957 http://www.exploit-db.com/exploits/8578 http://www.exploit-db.com/exploits/8583 http://www.securityfocus.com/bid/34788 https://exchange.xforce.ibmcloud.com/vulnerabilities/50288 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •