PT-2008-3432 · Nero · Nero Mediahome+1

Luigi Auriemma

Published

2008-04-21

Updated

2017-08-08

CVE-2008-1905

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Nero MediaHome versions 3.3.3.0 and earlier Nero versions 8.3.2.1 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash. This can be achieved by sending a long HTTP request to TCP port 54444.

Recommendations For Nero MediaHome versions 3.3.3.0 and earlier, consider restricting access to TCP port 54444 to minimize the risk of exploitation. For Nero versions 8.3.2.1 and earlier, avoid using the affected Nero MediaHome component until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2008-1905

Affected Products

Nero

Nero Mediahome

PT-2008-3432 · Nero · Nero Mediahome+1

CVE-2008-1905

Weakness Enumeration

Related Identifiers

Affected Products

References · 6