FKIE_CVE-2013-3259
Vulnerability from fkie_nvd - Published: 2014-03-03 16:55 - Updated: 2026-06-16 23:54
Severity
Summary
Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| inmatrix | zoom_player | * | |
| inmatrix | zoom_player | 8.00 | |
| inmatrix | zoom_player | 8.1.1 | |
| inmatrix | zoom_player | 8.1.5 | |
| inmatrix | zoom_player | 8.1.6 | |
| inmatrix | zoom_player | 8.5 | |
| inmatrix | zoom_player | 8.6 | |
| inmatrix | zoom_player | 8.10 |
{
"affected": [
{
"affectedData": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"source": "PSIRT-CNA@flexerasoftware.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:inmatrix:zoom_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "685323F8-E7B2-4B7C-B036-02C3C4CD5B37",
"versionEndIncluding": "8.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:inmatrix:zoom_player:8.00:*:*:*:*:*:*:*",
"matchCriteriaId": "818A714F-D2D8-4F3F-AF5F-5939C3B3BA1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:inmatrix:zoom_player:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA87325-3920-4761-A3E2-A5E1A93490DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:inmatrix:zoom_player:8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "333C7306-AD91-4594-8406-C22AB6A0EA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:inmatrix:zoom_player:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB1D0D3-05E1-43C8-B611-6C01D193E57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:inmatrix:zoom_player:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A2435104-86EA-42F0-B0A1-52F6C4843006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:inmatrix:zoom_player:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "39C9BF54-8EAE-40CA-A814-6AF66FB98020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:inmatrix:zoom_player:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "221AE60F-31CE-42FF-AC92-9D8665DE136B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en INMATRIX Zoom Player anterior a 8.7 beta 11 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un valor biClrUsed grande en un archivo BMP."
}
],
"id": "CVE-2013-3259",
"lastModified": "2026-06-16T23:54:47.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-03-03T16:55:03.773",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/94037"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/52698"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/60418"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/94037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/52698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/60418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84835"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…