vendor:
Zortam Mp3 Media Studio
by:
Kevin McGuigan
9.3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Zortam Mp3 Media Studio
Affected Version From: 23.45
Affected Version To: 23.45
Patch Exists: NO
Related CWE: N/A
CPE: a:zortam:zortam_mp3_media_studio
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: Windows 7 32 bit
2018
Zortam Mp3 Media Studio Local Buffer Overflow (SEH)
A buffer overflow vulnerability exists in Zortam Mp3 Media Studio version 23.45. By crafting a malicious string and pasting it into the directory field of the 'Add Disk to Mp3 Library' feature, an attacker can cause a stack-based buffer overflow, resulting in arbitrary code execution.
Mitigation:
Vendor did not respond to advisory