CVE-2009-2617

Name of the Vulnerable Software and Affected Versions BaoFeng Storm version 3.9.62

Description The issue is a stack-based buffer overflow in the medialib.dll component, which can be exploited by remote attackers to execute arbitrary code. This can be achieved by providing a long pathname in the source attribute of an item element in a .smpl playlist file.

Recommendations For BaoFeng Storm version 3.9.62, update to a newer version that contains a fix for this issue, as using a long pathname in the source attribute of an item element in a .smpl playlist file can lead to arbitrary code execution. As a temporary workaround, consider restricting the length of pathnames used in .smpl playlist files to prevent potential exploitation.