Vulnerability Details : CVE-2009-0490
Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string.
Vulnerability category: Overflow, Memory Corruption, Execute code, Denial of service
Products affected by CVE-2009-0490
- cpe:2.3:a:audacityteam:audacity:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-0490
- 7.14%: probability of exploitation activity in the next 30 days
- ~94%: percentile, the proportion of vulnerabilities that are scored at or below this score
CVSS scores for CVE-2009-0490
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
CWE ids for CVE-2009-0490
- The product writes data past the end, or before the beginning, of the intended buffer. Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0490
- https://www.exploit-db.com/exploits/7634
  Audacity 1.2.6 - '.gro' Local Buffer Overflow (PoC) - Windows dos Exploit (Third Party Advisory; VDB Entry)
- http://bugs.gentoo.org/show_bug.cgi?id=253493
  253493 – (CVE-2009-0490) media-sound/audacity <1.3.6 Buffer overflow in String_parse::get_nonspace_quoted() (CVE-2009-0490) (Third Party Advisory)
- http://www.vupen.com/english/advisories/2009/0008
  Site under construction (Broken Link)
- http://www.securityfocus.com/bid/33090
  (Broken Link; Third Party Advisory; VDB Entry)
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
  [security-announce] SUSE Security Summary Report: SUSE-SR:2009:004 - openSUSE Security Announce - openSUSE Mailing Lists (Third Party Advisory)
- http://n2.nabble.com/Audacity-%22String_parse::get_nonspace_quoted()%22-Buffer-Overflow-td2139537.html
  (Broken Link)