CVE-2009-0475

2009-02-11 01:30:02 2018-10-11 23:01:47

Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Android Opencore 2.0 (not an official CPE)

Android - Opencore

Advisory	Patch	Confirmed	Link
			33673
			20090207 [oCERT-2009-002] OpenCORE insufficient bounds c...
			http://www.ocert.org/advisories/ocert-2009-002.html
			http://review.source.android.com/Gerrit#change,8815
			http://android.git.kernel.org/?p=platform/external/openc...

CVE-2009-0475

2009-02-11 01:30:02 2018-10-11 23:01:47

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)