MusicMatch Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 2832

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running MusicMatch, a music player. The remote version of this software is vulnerable to a buffer overflow condition as well as a cross-site scripting vulnerability. An attacker may exploit these flaws to execute arbitrary code on the remote host.

Solution

Upgrade to version 10.0.2048, 9.0.5066 or higher.

Plugin Details

Severity: Medium

ID: 2832

Family: Web Clients

Published: 4/14/2005

Updated: 3/6/2019

Nessus ID: 18049

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 5.4

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:musicmatch:jukebox

Reference Information

CVE: CVE-2005-1168, CVE-2005-1185

BID: 13173, 13174, 13167

Detections

Analytics

MusicMatch Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 2832

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

VPR

CVSS v2

CVSS v3

Vulnerability Information

Reference Information