PT-2010-1565 · Native Instruments · Beatport Player

Sirgod

Publicado

2010-03-29

Atualizado

2017-09-19

CVE-2009-4756

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Beatport Player version 1.0.0.0

Description The issue is a stack-based buffer overflow in TraktorBeatport.exe, allowing remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file.

Recommendations For Beatport Player version 1.0.0.0, consider avoiding the use of malformed playlist (.m3u) files until a patch is available. As a temporary workaround, restrict access to the TraktorBeatport.exe module to minimize the risk of exploitation.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2009-4756

Produtos afetados

Beatport Player

PT-2010-1565 · Native Instruments · Beatport Player

CVE-2009-4756

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11