CVE-2009-1356

Properties

Published:
20.04.2009
Updated:
21.04.2009
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Product:
elecard: elecard_avc_hd_player

Vulnerability description

Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file.

References:

BID: http://www.securityfocus.com/bid/34560
MILW0RM: http://www.milw0rm.com/exploits/8452