CVE-2009-1437

EUVD-2009-1435
Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.6 and earlier allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: this may overlap CVE-2008-3408.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
coolplayercoolplayer
2.19.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/53885
http://secunia.com/advisories/34816
https://exchange.xforce.ibmcloud.com/vulnerabilities/49984
https://hansesecure.de/vulnerability-in-coolplayer/
https://www.exploit-db.com/exploits/8489
https://www.exploit-db.com/exploits/8519
https://www.exploit-db.com/exploits/8520
http://osvdb.org/53885
http://secunia.com/advisories/34816
https://exchange.xforce.ibmcloud.com/vulnerabilities/49984
https://hansesecure.de/vulnerability-in-coolplayer/
https://www.exploit-db.com/exploits/8489
https://www.exploit-db.com/exploits/8519
https://www.exploit-db.com/exploits/8520