CVE-2011-5003

Name of the Vulnerable Software and Affected Versions Avid Media Composer versions 5.5.3 and earlier

Description The issue is related to a stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndexer.exe) that allows remote attackers to execute arbitrary code. This can be achieved by sending a long request to TCP port 4659.

Recommendations For versions 5.5.3 and earlier, consider restricting access to TCP port 4659 to minimize the risk of exploitation. As a temporary workaround, disabling the AvidPhoneticIndexer.exe service may help prevent attacks until a fix is available.