PT-2009-5942 · Ksp · Ksp Sound Player

Hack4Love

Published

2009-10-11

Updated

2017-09-19

CVE-2009-3670

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions KSP Sound Player versions 2009 R2 through R2.1

Description The issue is a stack-based buffer overflow that allows remote attackers to execute arbitrary code. This is achieved by providing a long string in a .m3u playlist file.

Recommendations For versions 2009 R2 and R2.1, avoid using .m3u playlist files with long strings until a fix is available. As a temporary workaround, consider restricting the use of .m3u files to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2009-3670

Affected Products

Ksp Sound Player

PT-2009-5942 · Ksp · Ksp Sound Player

CVE-2009-3670

Weakness Enumeration

Related Identifiers

Affected Products

References · 5