Search

Find a vulnerability

Search criteria

    14 vulnerabilities by cowon_america

    CVE-2009-4676 (GCVE-0-2009-4676)

    Vulnerability from nvd – Published: 2010-03-05 19:00 – Updated: 2024-09-16 22:09
    VLAI
    Summary
    Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/35195 third-party-advisoryx_refsource_SECUNIA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:08:38.165Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "35195",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35195"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-03-05T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "35195",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35195"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4676",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "35195",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35195"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4676",
        "datePublished": "2010-03-05T19:00:00.000Z",
        "dateReserved": "2010-03-05T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:09:08.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4668 (GCVE-0-2009-4668)

    Vulnerability from nvd – Published: 2010-03-05 18:00 – Updated: 2024-08-07 07:08
    VLAI
    Summary
    Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/503826/100… mailing-listx_refsource_BUGTRAQ
    http://www.exploit-db.com/exploits/8780 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/35195 third-party-advisoryx_refsource_SECUNIA
    http://retrogod.altervista.org/9sg_jetcast_heap_b… x_refsource_MISC
    Date Public
    2009-05-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:08:38.099Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20090526 COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/503826/100/0/threaded"
              },
              {
                "name": "8780",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/8780"
              },
              {
                "name": "35195",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35195"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://retrogod.altervista.org/9sg_jetcast_heap_bof.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-05-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20090526 COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/503826/100/0/threaded"
            },
            {
              "name": "8780",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/8780"
            },
            {
              "name": "35195",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35195"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://retrogod.altervista.org/9sg_jetcast_heap_bof.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4668",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20090526 COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/503826/100/0/threaded"
                },
                {
                  "name": "8780",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/8780"
                },
                {
                  "name": "35195",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35195"
                },
                {
                  "name": "http://retrogod.altervista.org/9sg_jetcast_heap_bof.html",
                  "refsource": "MISC",
                  "url": "http://retrogod.altervista.org/9sg_jetcast_heap_bof.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4668",
        "datePublished": "2010-03-05T18:00:00.000Z",
        "dateReserved": "2010-03-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:08:38.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0747 (GCVE-0-2008-0747)

    Vulnerability from nvd – Published: 2008-02-13 19:00 – Updated: 2024-08-07 07:54
    VLAI
    Summary
    Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/5085 exploitx_refsource_EXPLOIT-DB
    http://securityreason.com/securityalert/3642 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/487806/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2008/0502 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/28855 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/27698 vdb-entryx_refsource_BID
    Date Public
    2008-02-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:54:23.314Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5085",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5085"
              },
              {
                "name": "3642",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3642"
              },
              {
                "name": "20080208 jetAudio \u003c= 7.0.5 (.ASX) Remote Stack Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/487806/100/0/threaded"
              },
              {
                "name": "ADV-2008-0502",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0502"
              },
              {
                "name": "28855",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28855"
              },
              {
                "name": "27698",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27698"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-02-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5085",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5085"
            },
            {
              "name": "3642",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3642"
            },
            {
              "name": "20080208 jetAudio \u003c= 7.0.5 (.ASX) Remote Stack Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/487806/100/0/threaded"
            },
            {
              "name": "ADV-2008-0502",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0502"
            },
            {
              "name": "28855",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28855"
            },
            {
              "name": "27698",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27698"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0747",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5085",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5085"
                },
                {
                  "name": "3642",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3642"
                },
                {
                  "name": "20080208 jetAudio \u003c= 7.0.5 (.ASX) Remote Stack Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/487806/100/0/threaded"
                },
                {
                  "name": "ADV-2008-0502",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0502"
                },
                {
                  "name": "28855",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28855"
                },
                {
                  "name": "27698",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27698"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0747",
        "datePublished": "2008-02-13T19:00:00.000Z",
        "dateReserved": "2008-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:54:23.314Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5487 (GCVE-0-2007-5487)

    Vulnerability from nvd – Published: 2007-10-16 23:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/3489 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/4531 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/27149 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/26069 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.819Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-3489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3489"
              },
              {
                "name": "4531",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4531"
              },
              {
                "name": "27149",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27149"
              },
              {
                "name": "26069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26069"
              },
              {
                "name": "jetaudio-m3u-bo(37204)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37204"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2007-3489",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3489"
            },
            {
              "name": "4531",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4531"
            },
            {
              "name": "27149",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27149"
            },
            {
              "name": "26069",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26069"
            },
            {
              "name": "jetaudio-m3u-bo(37204)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37204"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5487",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2007-3489",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3489"
                },
                {
                  "name": "4531",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4531"
                },
                {
                  "name": "27149",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27149"
                },
                {
                  "name": "26069",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26069"
                },
                {
                  "name": "jetaudio-m3u-bo(37204)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37204"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5487",
        "datePublished": "2007-10-16T23:00:00.000Z",
        "dateReserved": "2007-10-16T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.819Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4983 (GCVE-0-2007-4983)

    Vulnerability from nvd – Published: 2007-09-19 19:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/3196 vdb-entryx_refsource_VUPEN
    http://www.securitytracker.com/id?1018716 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/26787 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/4427 exploitx_refsource_EXPLOIT-DB
    http://osvdb.org/37737 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/25723 vdb-entryx_refsource_BID
    Date Public
    2007-09-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:27.810Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-3196",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3196"
              },
              {
                "name": "1018716",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018716"
              },
              {
                "name": "jetaudio-downloadfrommusic-code-execution(36693)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36693"
              },
              {
                "name": "26787",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26787"
              },
              {
                "name": "4427",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4427"
              },
              {
                "name": "37737",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37737"
              },
              {
                "name": "25723",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25723"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method.  NOTE: some of these details are obtained from third party information.  NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2007-3196",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3196"
            },
            {
              "name": "1018716",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018716"
            },
            {
              "name": "jetaudio-downloadfrommusic-code-execution(36693)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36693"
            },
            {
              "name": "26787",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26787"
            },
            {
              "name": "4427",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4427"
            },
            {
              "name": "37737",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37737"
            },
            {
              "name": "25723",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25723"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4983",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method.  NOTE: some of these details are obtained from third party information.  NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2007-3196",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3196"
                },
                {
                  "name": "1018716",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018716"
                },
                {
                  "name": "jetaudio-downloadfrommusic-code-execution(36693)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36693"
                },
                {
                  "name": "26787",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26787"
                },
                {
                  "name": "4427",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4427"
                },
                {
                  "name": "37737",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37737"
                },
                {
                  "name": "25723",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25723"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4983",
        "datePublished": "2007-09-19T19:00:00.000Z",
        "dateReserved": "2007-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:27.810Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4911 (GCVE-0-2007-4911)

    Vulnerability from nvd – Published: 2007-09-17 17:00 – Updated: 2024-08-07 15:08
    VLAI
    Summary
    JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/4403 exploitx_refsource_EXPLOIT-DB
    http://www.vupen.com/english/advisories/2007/3170 vdb-entryx_refsource_VUPEN
    http://osvdb.org/40520 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/26815 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/25660 vdb-entryx_refsource_BID
    Date Public
    2007-09-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:08:33.827Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4403",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4403"
              },
              {
                "name": "ADV-2007-3170",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3170"
              },
              {
                "name": "40520",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/40520"
              },
              {
                "name": "26815",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26815"
              },
              {
                "name": "jetcast-jsmp3oggwt-dos(36607)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36607"
              },
              {
                "name": "25660",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25660"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4403",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4403"
            },
            {
              "name": "ADV-2007-3170",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3170"
            },
            {
              "name": "40520",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/40520"
            },
            {
              "name": "26815",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26815"
            },
            {
              "name": "jetcast-jsmp3oggwt-dos(36607)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36607"
            },
            {
              "name": "25660",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25660"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4911",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4403",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4403"
                },
                {
                  "name": "ADV-2007-3170",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3170"
                },
                {
                  "name": "40520",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/40520"
                },
                {
                  "name": "26815",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26815"
                },
                {
                  "name": "jetcast-jsmp3oggwt-dos(36607)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36607"
                },
                {
                  "name": "25660",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25660"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4911",
        "datePublished": "2007-09-17T17:00:00.000Z",
        "dateReserved": "2007-09-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:08:33.827Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2910 (GCVE-0-2006-2910)

    Vulnerability from nvd – Published: 2006-07-05 18:00 – Updated: 2024-08-07 18:06
    VLAI
    Summary
    Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-07-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:06:27.221Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "jetaudio-tooltip-idtag-bo(27593)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27593"
              },
              {
                "name": "19456",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19456"
              },
              {
                "name": "ADV-2006-2667",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2667"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2006-45/advisory/"
              },
              {
                "name": "18825",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18825"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "jetaudio-tooltip-idtag-bo(27593)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27593"
            },
            {
              "name": "19456",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19456"
            },
            {
              "name": "ADV-2006-2667",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2667"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2006-45/advisory/"
            },
            {
              "name": "18825",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18825"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2006-2910",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "jetaudio-tooltip-idtag-bo(27593)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27593"
                },
                {
                  "name": "19456",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19456"
                },
                {
                  "name": "ADV-2006-2667",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2667"
                },
                {
                  "name": "http://secunia.com/secunia_research/2006-45/advisory/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2006-45/advisory/"
                },
                {
                  "name": "18825",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18825"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2006-2910",
        "datePublished": "2006-07-05T18:00:00.000Z",
        "dateReserved": "2006-06-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:06:27.221Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4676 (GCVE-0-2009-4676)

    Vulnerability from cvelistv5 – Published: 2010-03-05 19:00 – Updated: 2024-09-16 22:09
    VLAI
    Summary
    Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/35195 third-party-advisoryx_refsource_SECUNIA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:08:38.165Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "35195",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35195"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-03-05T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "35195",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35195"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4676",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "35195",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35195"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4676",
        "datePublished": "2010-03-05T19:00:00.000Z",
        "dateReserved": "2010-03-05T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:09:08.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4668 (GCVE-0-2009-4668)

    Vulnerability from cvelistv5 – Published: 2010-03-05 18:00 – Updated: 2024-08-07 07:08
    VLAI
    Summary
    Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/503826/100… mailing-listx_refsource_BUGTRAQ
    http://www.exploit-db.com/exploits/8780 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/35195 third-party-advisoryx_refsource_SECUNIA
    http://retrogod.altervista.org/9sg_jetcast_heap_b… x_refsource_MISC
    Date Public
    2009-05-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:08:38.099Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20090526 COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/503826/100/0/threaded"
              },
              {
                "name": "8780",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/8780"
              },
              {
                "name": "35195",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35195"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://retrogod.altervista.org/9sg_jetcast_heap_bof.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-05-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20090526 COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/503826/100/0/threaded"
            },
            {
              "name": "8780",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/8780"
            },
            {
              "name": "35195",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35195"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://retrogod.altervista.org/9sg_jetcast_heap_bof.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4668",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20090526 COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/503826/100/0/threaded"
                },
                {
                  "name": "8780",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/8780"
                },
                {
                  "name": "35195",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35195"
                },
                {
                  "name": "http://retrogod.altervista.org/9sg_jetcast_heap_bof.html",
                  "refsource": "MISC",
                  "url": "http://retrogod.altervista.org/9sg_jetcast_heap_bof.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4668",
        "datePublished": "2010-03-05T18:00:00.000Z",
        "dateReserved": "2010-03-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:08:38.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0747 (GCVE-0-2008-0747)

    Vulnerability from cvelistv5 – Published: 2008-02-13 19:00 – Updated: 2024-08-07 07:54
    VLAI
    Summary
    Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/5085 exploitx_refsource_EXPLOIT-DB
    http://securityreason.com/securityalert/3642 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/487806/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2008/0502 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/28855 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/27698 vdb-entryx_refsource_BID
    Date Public
    2008-02-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:54:23.314Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5085",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5085"
              },
              {
                "name": "3642",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3642"
              },
              {
                "name": "20080208 jetAudio \u003c= 7.0.5 (.ASX) Remote Stack Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/487806/100/0/threaded"
              },
              {
                "name": "ADV-2008-0502",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0502"
              },
              {
                "name": "28855",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28855"
              },
              {
                "name": "27698",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27698"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-02-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5085",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5085"
            },
            {
              "name": "3642",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3642"
            },
            {
              "name": "20080208 jetAudio \u003c= 7.0.5 (.ASX) Remote Stack Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/487806/100/0/threaded"
            },
            {
              "name": "ADV-2008-0502",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0502"
            },
            {
              "name": "28855",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28855"
            },
            {
              "name": "27698",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27698"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0747",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5085",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5085"
                },
                {
                  "name": "3642",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3642"
                },
                {
                  "name": "20080208 jetAudio \u003c= 7.0.5 (.ASX) Remote Stack Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/487806/100/0/threaded"
                },
                {
                  "name": "ADV-2008-0502",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0502"
                },
                {
                  "name": "28855",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28855"
                },
                {
                  "name": "27698",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27698"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0747",
        "datePublished": "2008-02-13T19:00:00.000Z",
        "dateReserved": "2008-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:54:23.314Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5487 (GCVE-0-2007-5487)

    Vulnerability from cvelistv5 – Published: 2007-10-16 23:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/3489 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/4531 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/27149 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/26069 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.819Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-3489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3489"
              },
              {
                "name": "4531",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4531"
              },
              {
                "name": "27149",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27149"
              },
              {
                "name": "26069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26069"
              },
              {
                "name": "jetaudio-m3u-bo(37204)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37204"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2007-3489",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3489"
            },
            {
              "name": "4531",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4531"
            },
            {
              "name": "27149",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27149"
            },
            {
              "name": "26069",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26069"
            },
            {
              "name": "jetaudio-m3u-bo(37204)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37204"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5487",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2007-3489",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3489"
                },
                {
                  "name": "4531",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4531"
                },
                {
                  "name": "27149",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27149"
                },
                {
                  "name": "26069",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26069"
                },
                {
                  "name": "jetaudio-m3u-bo(37204)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37204"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5487",
        "datePublished": "2007-10-16T23:00:00.000Z",
        "dateReserved": "2007-10-16T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.819Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4983 (GCVE-0-2007-4983)

    Vulnerability from cvelistv5 – Published: 2007-09-19 19:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/3196 vdb-entryx_refsource_VUPEN
    http://www.securitytracker.com/id?1018716 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/26787 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/4427 exploitx_refsource_EXPLOIT-DB
    http://osvdb.org/37737 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/25723 vdb-entryx_refsource_BID
    Date Public
    2007-09-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:27.810Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-3196",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3196"
              },
              {
                "name": "1018716",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018716"
              },
              {
                "name": "jetaudio-downloadfrommusic-code-execution(36693)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36693"
              },
              {
                "name": "26787",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26787"
              },
              {
                "name": "4427",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4427"
              },
              {
                "name": "37737",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37737"
              },
              {
                "name": "25723",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25723"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method.  NOTE: some of these details are obtained from third party information.  NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2007-3196",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3196"
            },
            {
              "name": "1018716",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018716"
            },
            {
              "name": "jetaudio-downloadfrommusic-code-execution(36693)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36693"
            },
            {
              "name": "26787",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26787"
            },
            {
              "name": "4427",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4427"
            },
            {
              "name": "37737",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37737"
            },
            {
              "name": "25723",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25723"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4983",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method.  NOTE: some of these details are obtained from third party information.  NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2007-3196",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3196"
                },
                {
                  "name": "1018716",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018716"
                },
                {
                  "name": "jetaudio-downloadfrommusic-code-execution(36693)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36693"
                },
                {
                  "name": "26787",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26787"
                },
                {
                  "name": "4427",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4427"
                },
                {
                  "name": "37737",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37737"
                },
                {
                  "name": "25723",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25723"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4983",
        "datePublished": "2007-09-19T19:00:00.000Z",
        "dateReserved": "2007-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:27.810Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4911 (GCVE-0-2007-4911)

    Vulnerability from cvelistv5 – Published: 2007-09-17 17:00 – Updated: 2024-08-07 15:08
    VLAI
    Summary
    JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/4403 exploitx_refsource_EXPLOIT-DB
    http://www.vupen.com/english/advisories/2007/3170 vdb-entryx_refsource_VUPEN
    http://osvdb.org/40520 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/26815 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/25660 vdb-entryx_refsource_BID
    Date Public
    2007-09-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:08:33.827Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4403",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4403"
              },
              {
                "name": "ADV-2007-3170",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3170"
              },
              {
                "name": "40520",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/40520"
              },
              {
                "name": "26815",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26815"
              },
              {
                "name": "jetcast-jsmp3oggwt-dos(36607)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36607"
              },
              {
                "name": "25660",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25660"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4403",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4403"
            },
            {
              "name": "ADV-2007-3170",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3170"
            },
            {
              "name": "40520",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/40520"
            },
            {
              "name": "26815",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26815"
            },
            {
              "name": "jetcast-jsmp3oggwt-dos(36607)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36607"
            },
            {
              "name": "25660",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25660"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4911",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4403",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4403"
                },
                {
                  "name": "ADV-2007-3170",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3170"
                },
                {
                  "name": "40520",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/40520"
                },
                {
                  "name": "26815",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26815"
                },
                {
                  "name": "jetcast-jsmp3oggwt-dos(36607)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36607"
                },
                {
                  "name": "25660",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25660"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4911",
        "datePublished": "2007-09-17T17:00:00.000Z",
        "dateReserved": "2007-09-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:08:33.827Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2910 (GCVE-0-2006-2910)

    Vulnerability from cvelistv5 – Published: 2006-07-05 18:00 – Updated: 2024-08-07 18:06
    VLAI
    Summary
    Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-07-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:06:27.221Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "jetaudio-tooltip-idtag-bo(27593)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27593"
              },
              {
                "name": "19456",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19456"
              },
              {
                "name": "ADV-2006-2667",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2667"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2006-45/advisory/"
              },
              {
                "name": "18825",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18825"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "jetaudio-tooltip-idtag-bo(27593)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27593"
            },
            {
              "name": "19456",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19456"
            },
            {
              "name": "ADV-2006-2667",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2667"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2006-45/advisory/"
            },
            {
              "name": "18825",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18825"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2006-2910",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "jetaudio-tooltip-idtag-bo(27593)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27593"
                },
                {
                  "name": "19456",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19456"
                },
                {
                  "name": "ADV-2006-2667",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2667"
                },
                {
                  "name": "http://secunia.com/secunia_research/2006-45/advisory/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2006-45/advisory/"
                },
                {
                  "name": "18825",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18825"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2006-2910",
        "datePublished": "2006-07-05T18:00:00.000Z",
        "dateReserved": "2006-06-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:06:27.221Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }