Cowon America Jetaudio vulnerabilities
5 known vulnerabilities affecting cowon_america/jetaudio.
Total CVEs
5
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL4MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2007-4983P3CRITICALCVSS 10.0PoCv7.0.3.3016v7.0.3_basic2007-09-19
CVE-2007-4983 [CRITICAL] CWE-22 CVE-2007-4983: Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jet
Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. NOTE: some of these details are obtained from third party i
nvd
CVE-2009-4676P3CRITICALCVSS 9.3PoCv7.5.2v7.5.3.152010-03-05
CVE-2009-4676 [CRITICAL] CWE-119 CVE-2009-4676: Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote a
Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd
CVE-2009-4668P3CRITICALCVSS 9.3PoCv7.5.2v7.5.3.152010-03-05
CVE-2009-4668 [CRITICAL] CWE-119 CVE-2009-4668: Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote a
Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information.
nvd
CVE-2007-5487P3CRITICALCVSS 9.3PoCv7.0.3_basic2007-10-16
CVE-2007-5487 [CRITICAL] CWE-119 CVE-2007-5487: Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attack
Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file.
nvd
CVE-2006-2910P4MEDIUMCVSS 5.1vbasic_6.2.6.83302006-07-05
CVE-2006-2910 [MEDIUM] CVE-2006-2910: Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted at
Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed.
nvd