CVE-2009-2527

CWE-119Buffer Overflow4 documents4 sources
Severity
9.3CRITICAL
EPSS
45.4%
top 2.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Windows Media Player
Timeline
PublishedOct 14
Latest updateMay 2

Description

Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-rw8c-5h56-67gx: Heap-based buffer overflow in Microsoft Windows Media Player 62022-05-02
CVEList
CVE-2009-2527: Heap-based buffer overflow in Microsoft Windows Media Player 62009-10-14

💥Exploits & PoCs

1
Exploit-DB
4Images 1.7.1 - SQL Injection2009-12-20
CVE-2009-2527 (CRITICAL CVSS 9.3) | Heap-based buffer overflow in Micro | cvebase.io