CVE

Id
37910  
CVE No.
CVE-2009-0475  
Status
Candidate  
Description
Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption.  
Phase
Assigned (20090206)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
411697 37910 CVE-2009-0475 BUGTRAQ:20090207 [oCERT-2009-002] OpenCORE insufficient bounds checking during MP3 decoding  View
411698 37910 CVE-2009-0475 URL:http://www.securityfocus.com/archive/1/archive/1/500750/100/0/threaded  View
411699 37910 CVE-2009-0475 MISC:http://www.ocert.org/advisories/ocert-2009-002.html  View
411700 37910 CVE-2009-0475 CONFIRM:http://android.git.kernel.org/?p=platform/external/opencore.git;a=commit;h=7b466cd0ecfdba72c4cbd0f3a8c2001141376b0f  View
411701 37910 CVE-2009-0475 CONFIRM:http://review.source.android.com/Gerrit#change,8815  View
411702 37910 CVE-2009-0475 BID:33673  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
43450 JVNDB-2009-004457 Online Grades の admin/admin_login.php における SQL インジェクションの脆弱性 Online Grades の admin/admin_login.php には、SQL インジェクションの脆弱性が存在します。 CVE-2009-0479 37910 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-004457.html  View