CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4201

Multiple stack-based buffer overflows in Mp3 Tag Assistant Professional 2.92 build 300 allow remote attackers to execute arbitrary code via an MP3 file with a long string in the (1) ID3v1, (2) ID3v2, or (3) APEv2 metadata field.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.049

EPSS Ranking 89.6%

CVSS Severity

CVSS v2 Score 9.3

References

http://liquidworm.blogspot.com/2009/05/mp3-tag-assistant-pro-292-tag-metadata.html
http://osvdb.org/54810
http://secunia.com/advisories/35305
https://exchange.xforce.ibmcloud.com/vulnerabilities/50870
http://liquidworm.blogspot.com/2009/05/mp3-tag-assistant-pro-292-tag-metadata.html
http://osvdb.org/54810
http://secunia.com/advisories/35305
https://exchange.xforce.ibmcloud.com/vulnerabilities/50870

Products affected by CVE-2009-4201

Assistanttools » Mp3 Tag Assistance Professional » Version: 2.92

cpe:2.3:a:assistanttools:mp3_tag_assistance_professional:2.92

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4201

Products

Pricing

Contact Us