CVE-1999-0946
published 1999-11-02CVE-1999-0946: Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.
PriorityP417medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
1.75%
75.1th percentile
Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yamaha | midiplug | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
CAPEC
Overflow Variables and Tags
mitre_capec
[HIGH] Overflow Variables and Tags
CAPEC-46: Overflow Variables and Tags
This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The adversary crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
Execution Flow:
Step 1 [Explore]: [Identify target application] The adversary identifies a target application or program to perform the buffer overflow on. Adversaries look for applications or programs that accept formatted files, such as configuration files, as input.
Step 2 [Experiment]: [Find injection vector] The adversary identifies an injection vector to deliver the excessive content to the targeted application's buffer.
Technique: Knowing the type of file that an application takes as input, the adversar
1999-11-02
Published