PT-2010-3915 · Prosoft · Rosoft Audio Converter

Blake

Published

2010-06-18

Updated

2017-08-17

CVE-2010-2329

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Rosoft Audio Converter version 4.4.4

Description The issue allows remote attackers to execute arbitrary code via a long playlist entry in a .m3u file. This is due to a buffer overflow in the software.

Recommendations For Rosoft Audio Converter version 4.4.4, consider updating to a newer version that addresses this issue, if available. As a temporary workaround, restrict the handling of .m3u files to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2010-2329

Affected Products

Rosoft Audio Converter

PT-2010-3915 · Prosoft · Rosoft Audio Converter

CVE-2010-2329

Weakness Enumeration

Related Identifiers

Affected Products

References · 8