Cowon America : Security Vulnerabilities, CVEs,

CVE-2009-4676

Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
9.3
EPSS Score
0.40%
Published
2010-03-05
Updated
2010-03-08

CVE-2009-4668

Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
4.09%
Published
2010-03-05
Updated
2018-10-10

CVE-2008-0747

Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487.
Max CVSS
9.3
EPSS Score
11.56%
Published
2008-02-13
Updated
2018-10-15

CVE-2007-5487

Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file.
Max CVSS
9.3
EPSS Score
16.57%
Published
2007-10-16
Updated
2017-10-19

CVE-2007-4983

Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call.
Max CVSS
10.0
EPSS Score
19.13%
Published
2007-09-19
Updated
2017-09-29

CVE-2007-4911

JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
7.30%
Published
2007-09-17
Updated
2017-09-29

CVE-2006-2910

Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed.
Max CVSS
5.1
EPSS Score
0.70%
Published
2006-07-05
Updated
2017-07-20
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close