PT-2009-6163 · Cowon · Jetaudio
Prodigy
·
Publicado
2009-11-16
·
Atualizado
2017-09-19
·
CVE-2009-3948
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
JetAudio version 7.5.3
Description
The issue allows remote attackers to cause a denial of service, resulting in memory consumption and application crash, by providing a long string at the end of a .wav file.
Recommendations
For JetAudio version 7.5.3, consider avoiding the use of .wav files with long strings at the end until a patch is available. As a temporary workaround, restrict the handling of .wav files to minimize the risk of exploitation.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Jetaudio