NVD Vulnerability Detail

CVE-2011-5165

Summary	Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
Publication Date	Sept. 16, 2012, 2:55 a.m.
Registration Date	Jan. 28, 2021, 4:40 p.m.
Last Update	Nov. 21, 2024, 10:33 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cleanersoft:free_mp3_cd_ripper:1.1:::::::*
cpe:2.3:a:cleanersoft:free_mp3_cd_ripper:2.5:::::::*
cpe:2.3:a:cleanersoft:free_mp3_cd_ripper::::::::		2.6

Related information, measures and tools

No	URL	タグ
1	http://secunia.com/advisories/39193	Vendor Advisory
2	http://www.exploit-db.com/exploits/11975	Exploit
3	http://www.exploit-db.com/exploits/11976	Exploit
4	http://www.exploit-db.com/exploits/17727	Exploit
5	http://www.exploit-db.com/exploits/18142	Exploit
6	http://www.osvdb.org/63349
7	http://www.securityfocus.com/bid/39672	Exploit
8	https://www.exploit-db.com/exploits/36465/	Exploit
9	https://www.exploit-db.com/exploits/36826/	Exploit
10	https://www.exploit-db.com/exploits/36827/	Exploit
11	http://secunia.com/advisories/39193	Vendor Advisory
12	https://www.exploit-db.com/exploits/36827/	Exploit
13	https://www.exploit-db.com/exploits/36826/	Exploit
14	https://www.exploit-db.com/exploits/36465/	Exploit
15	http://www.securityfocus.com/bid/39672	Exploit
16	http://www.osvdb.org/63349
17	http://www.exploit-db.com/exploits/18142	Exploit
18	http://www.exploit-db.com/exploits/17727	Exploit
19	http://www.exploit-db.com/exploits/11976	Exploit
20	http://www.exploit-db.com/exploits/11975	Exploit

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

JVN Vulnerability Information

Free MP3 CD Ripper におけるスタックベースのバッファオーバーフローの脆弱性

Title	Free MP3 CD Ripper におけるスタックベースのバッファオーバーフローの脆弱性
Summary	Free MP3 CD Ripper には、ファイルを変換する際に、スタックベースのバッファオーバーフローの脆弱性が存在します。
Possible impacts	攻撃者により、巧妙に細工された .wav ファイルを介して、任意のコードを実行される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	Sept. 15, 2012, midnight
Registration Date	Sept. 19, 2012, 3:57 p.m.
Last Update	Sept. 19, 2012, 3:57 p.m.

Affected System

Cleanersoft Software

Free MP3 CD Ripper 1.1

Free MP3 CD Ripper 2.6 およびそれ以前

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-5165	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5165
National Vulnerability Database (NVD)
2	CVE-2011-5165	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5165

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
Cleanersoft Software
1	Free MP3 CD Ripper	http://www.cleanersoft.com/cd_ripper/free_cd_ripper.htm

Change Log

No	Changed Details	Date of change
0	[2012年09月19日] 掲載	Feb. 17, 2018, 10:37 a.m.