ID |
CVE-2011-0500
|
Sažetak |
Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "value" attribute, as demonstrated using a valitem with the mp3 name. |
Reference |
|
CVSS |
Base: | 9.3 |
Impact: | 10.0 |
Exploitability: | 8.6 |
|
Pristup |
Vektor | Složenost | Autentikacija |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
COMPLETE |
COMPLETE |
COMPLETE |
|
CVSS vektor |
AV:N/AC:M/Au:N/C:C/I:C/A:C |
Zadnje važnije ažuriranje |
21-01-2011 - 05:00 |
Objavljeno |
20-01-2011 - 19:00 |