CVSS: 9.3EPSS: 17%CPEs: 1EXPL: 4CVE-2009-1645 – Mini-stream RM-MP3 Converter 3.0.0.7 - '.asx' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-1645
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. Múltiples desbordamientos de búfer basados en pila en Mini-stream Easy RM-MP3 Converter v3.0.0.7 permiten a atacantes remotos ejecutar código de su elección a través de (1) una URL stsp larga en un fichero .ram y (2) una cadena larga en el atributo HREF de un elemento REF en un fichero .asx. • https://www.exploit-db.com/exploits/8634 https://www.exploit-db.com/exploits/8633 http://www.securityfocus.com/bid/34860 http://www.securityfocus.com/bid/34864 https://exchange.xforce.ibmcloud.com/vulnerabilities/50376 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •