Search criteria
7 vulnerabilities found for nero by nero
VAR-200804-0377
Vulnerability from variot - Updated: 2024-02-06 22:45NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322. Nero MediaHome is a media server component in the Nero suite that allows media files to be shared on a local area network. Nero MediaHome is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denying further service to legitimate users. This issue affects Nero MediaHome 3.3.3.0. Other versions may also be affected. ----------------------------------------------------------------------
Secunia Network Software Inspector 2.0 (NSI) - Public Beta
17 days left of beta period.
The 1st generation of the Secunia Network Software Inspector (NSI) has been available for corporate users for almost 1 year and its been a tremendous success.
The 2nd generation Secunia NSI is built on the same technology as the award winning Secunia PSI, which has already been downloaded and installed on more than 400,000 computers world wide.
Learn more / Download (instant access): http://secunia.com/network_software_inspector_2/
TITLE: Nero MediaHome Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA29808
VERIFY ADVISORY: http://secunia.com/advisories/29808/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From local network
SOFTWARE: Nero MediaHome 3.x http://secunia.com/product/17236/
DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Nero MediaHome, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to a NULL-pointer dereference error in NMMediaServer.exe and can be exploited to cause the process to crash via e.g. sending an overly long string to default port 54444/TCP.
SOLUTION: Use in a trusted network environment only.
PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma
ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/neromedia-adv.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200804-0377",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nero",
"scope": "lte",
"trust": 1.8,
"vendor": "nero",
"version": "8.3.2.1"
},
{
"model": "mediahome",
"scope": "lte",
"trust": 1.8,
"vendor": "nero",
"version": "3.3.3.0"
},
{
"model": "mediahome",
"scope": "eq",
"trust": 0.9,
"vendor": "nero",
"version": "3.3.3.0"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "nero",
"scope": "eq",
"trust": 0.6,
"vendor": "nero",
"version": "8.3.2.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-1924"
},
{
"db": "BID",
"id": "28775"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004363"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-324"
},
{
"db": "NVD",
"id": "CVE-2008-1905"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nero:nero:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.3.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nero:mediahome:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.3.3.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1905"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "28775"
}
],
"trust": 0.3
},
"cve": "CVE-2008-1905",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-1905",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2008-1924",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-1905",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2008-1924",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200804-324",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2008-1905",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-1924"
},
{
"db": "VULMON",
"id": "CVE-2008-1905"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004363"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-324"
},
{
"db": "NVD",
"id": "CVE-2008-1905"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322. Nero MediaHome is a media server component in the Nero suite that allows media files to be shared on a local area network. Nero MediaHome is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. \nAn attacker can exploit this issue to crash the affected application, denying further service to legitimate users. \nThis issue affects Nero MediaHome 3.3.3.0. Other versions may also be affected. ----------------------------------------------------------------------\n\nSecunia Network Software Inspector 2.0 (NSI) - Public Beta\n\n17 days left of beta period. \n\nThe 1st generation of the Secunia Network Software Inspector (NSI)\nhas been available for corporate users for almost 1 year and its been\na tremendous success. \n\nThe 2nd generation Secunia NSI is built on the same technology as the\naward winning Secunia PSI, which has already been downloaded and\ninstalled on more than 400,000 computers world wide. \n\nLearn more / Download (instant access):\nhttp://secunia.com/network_software_inspector_2/\n\n----------------------------------------------------------------------\n\nTITLE:\nNero MediaHome Denial of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA29808\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/29808/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nNero MediaHome 3.x\nhttp://secunia.com/product/17236/\n\nDESCRIPTION:\nLuigi Auriemma has discovered a vulnerability in Nero MediaHome,\nwhich can be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to a NULL-pointer dereference error\nin NMMediaServer.exe and can be exploited to cause the process to\ncrash via e.g. sending an overly long string to default port\n54444/TCP. \n\nSOLUTION:\nUse in a trusted network environment only. \n\nPROVIDED AND/OR DISCOVERED BY:\nLuigi Auriemma\n\nORIGINAL ADVISORY:\nhttp://aluigi.altervista.org/adv/neromedia-adv.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1905"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004363"
},
{
"db": "CNVD",
"id": "CNVD-2008-1924"
},
{
"db": "BID",
"id": "28775"
},
{
"db": "VULMON",
"id": "CVE-2008-1905"
},
{
"db": "PACKETSTORM",
"id": "65479"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-1905",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "29808",
"trust": 2.4
},
{
"db": "BID",
"id": "28775",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2008-1216",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004363",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2008-1924",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200804-324",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2008-1905",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "65479",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-1924"
},
{
"db": "VULMON",
"id": "CVE-2008-1905"
},
{
"db": "BID",
"id": "28775"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004363"
},
{
"db": "PACKETSTORM",
"id": "65479"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-324"
},
{
"db": "NVD",
"id": "CVE-2008-1905"
}
]
},
"id": "VAR-200804-0377",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-1924"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-1924"
}
]
},
"last_update_date": "2024-02-06T22:45:25.561000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MediaHome",
"trust": 0.8,
"url": "http://www.nero.com/enu/mediahome4-introduction.html?nerosid=3180c228999fe123c559f7372de4ba86"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004363"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004363"
},
{
"db": "NVD",
"id": "CVE-2008-1905"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://aluigi.altervista.org/adv/neromedia-adv.txt"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29808"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/1216/references"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/28775"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41795"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1905"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1905"
},
{
"trust": 0.7,
"url": "http://secunia.com/advisories/29808/"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1216/references"
},
{
"trust": 0.3,
"url": "http://www.nero.com/nero7/eng/nero_mediahome.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/17236/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector_2/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-1924"
},
{
"db": "VULMON",
"id": "CVE-2008-1905"
},
{
"db": "BID",
"id": "28775"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004363"
},
{
"db": "PACKETSTORM",
"id": "65479"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-324"
},
{
"db": "NVD",
"id": "CVE-2008-1905"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2008-1924"
},
{
"db": "VULMON",
"id": "CVE-2008-1905"
},
{
"db": "BID",
"id": "28775"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004363"
},
{
"db": "PACKETSTORM",
"id": "65479"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-324"
},
{
"db": "NVD",
"id": "CVE-2008-1905"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-04-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2008-1924"
},
{
"date": "2008-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2008-1905"
},
{
"date": "2008-04-14T00:00:00",
"db": "BID",
"id": "28775"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004363"
},
{
"date": "2008-04-14T21:48:17",
"db": "PACKETSTORM",
"id": "65479"
},
{
"date": "2008-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200804-324"
},
{
"date": "2008-04-22T04:41:00",
"db": "NVD",
"id": "CVE-2008-1905"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2008-1924"
},
{
"date": "2017-08-08T00:00:00",
"db": "VULMON",
"id": "CVE-2008-1905"
},
{
"date": "2015-05-07T17:29:00",
"db": "BID",
"id": "28775"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004363"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200804-324"
},
{
"date": "2017-08-08T01:30:34.777000",
"db": "NVD",
"id": "CVE-2008-1905"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200804-324"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nero MediaHome NMMediaServer.EXE Remote Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-1924"
},
{
"db": "BID",
"id": "28775"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200804-324"
}
],
"trust": 0.6
}
}
FKIE_CVE-2017-15383
Vulnerability from fkie_nvd - Published: 2017-10-16 17:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://cxsecurity.com/issue/WLB-2016110092 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cxsecurity.com/issue/WLB-2016110092 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nero:nero:7.10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "461D0C91-6FF2-4759-B9F8-58DF45FCFD56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\\Nero directory."
},
{
"lang": "es",
"value": "Nero 7.10.1.0 tiene BINARY_PATH_NAME sin comillas para NBService, explotable mediante un archivo troyano Nero.exe en el directorio %PROGRAMFILES(x86)%\\Nero."
}
],
"id": "CVE-2017-15383",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-16T17:29:00.353",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://cxsecurity.com/issue/WLB-2016110092"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://cxsecurity.com/issue/WLB-2016110092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-1905
Vulnerability from fkie_nvd - Published: 2008-04-22 04:41 - Updated: 2025-04-09 00:30
Severity ?
Summary
NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nero:mediahome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4835A5D-6E42-47A3-AB9F-E9B47F7A07BA",
"versionEndIncluding": "3.3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nero:nero:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6E9733-BC70-4D46-A37B-5015D39BA007",
"versionEndIncluding": "8.3.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322."
},
{
"lang": "es",
"value": "NMMediaServer.exe en Nero MediaHome 3.3.3.0 y versiones anteriores, tal como se utiliza en Nero 8.3.2.1 y versiones anteriores, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (puntero de referencia NULL y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una petici\u00f3n HTTP larga al puerto TCP 54444, un vector diferente a CVE-2007-2322."
}
],
"id": "CVE-2008-1905",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-22T04:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://aluigi.altervista.org/adv/neromedia-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29808"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28775"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1216/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://aluigi.altervista.org/adv/neromedia-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1216/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41795"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-15383 (GCVE-0-2017-15383)
Vulnerability from cvelistv5 – Published: 2017-10-16 17:00 – Updated: 2024-09-17 00:11
VLAI?
Summary
Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:25.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cxsecurity.com/issue/WLB-2016110092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\\Nero directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-16T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cxsecurity.com/issue/WLB-2016110092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\\Nero directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html"
},
{
"name": "https://cxsecurity.com/issue/WLB-2016110092",
"refsource": "MISC",
"url": "https://cxsecurity.com/issue/WLB-2016110092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15383",
"datePublished": "2017-10-16T17:00:00Z",
"dateReserved": "2017-10-16T00:00:00Z",
"dateUpdated": "2024-09-17T00:11:49.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1905 (GCVE-0-2008-1905)
Vulnerability from cvelistv5 – Published: 2008-04-21 23:00 – Updated: 2024-08-07 08:41
VLAI?
Summary
NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:41:00.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/neromedia-adv.txt"
},
{
"name": "ADV-2008-1216",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1216/references"
},
{
"name": "28775",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28775"
},
{
"name": "29808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29808"
},
{
"name": "nero-nmmediaserver-dos(41795)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/neromedia-adv.txt"
},
{
"name": "ADV-2008-1216",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1216/references"
},
{
"name": "28775",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28775"
},
{
"name": "29808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29808"
},
{
"name": "nero-nmmediaserver-dos(41795)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41795"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.altervista.org/adv/neromedia-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/neromedia-adv.txt"
},
{
"name": "ADV-2008-1216",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1216/references"
},
{
"name": "28775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28775"
},
{
"name": "29808",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29808"
},
{
"name": "nero-nmmediaserver-dos(41795)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41795"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1905",
"datePublished": "2008-04-21T23:00:00",
"dateReserved": "2008-04-21T00:00:00",
"dateUpdated": "2024-08-07T08:41:00.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15383 (GCVE-0-2017-15383)
Vulnerability from nvd – Published: 2017-10-16 17:00 – Updated: 2024-09-17 00:11
VLAI?
Summary
Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:25.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cxsecurity.com/issue/WLB-2016110092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\\Nero directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-16T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cxsecurity.com/issue/WLB-2016110092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\\Nero directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html"
},
{
"name": "https://cxsecurity.com/issue/WLB-2016110092",
"refsource": "MISC",
"url": "https://cxsecurity.com/issue/WLB-2016110092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15383",
"datePublished": "2017-10-16T17:00:00Z",
"dateReserved": "2017-10-16T00:00:00Z",
"dateUpdated": "2024-09-17T00:11:49.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1905 (GCVE-0-2008-1905)
Vulnerability from nvd – Published: 2008-04-21 23:00 – Updated: 2024-08-07 08:41
VLAI?
Summary
NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:41:00.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/neromedia-adv.txt"
},
{
"name": "ADV-2008-1216",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1216/references"
},
{
"name": "28775",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28775"
},
{
"name": "29808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29808"
},
{
"name": "nero-nmmediaserver-dos(41795)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/neromedia-adv.txt"
},
{
"name": "ADV-2008-1216",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1216/references"
},
{
"name": "28775",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28775"
},
{
"name": "29808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29808"
},
{
"name": "nero-nmmediaserver-dos(41795)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41795"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.altervista.org/adv/neromedia-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/neromedia-adv.txt"
},
{
"name": "ADV-2008-1216",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1216/references"
},
{
"name": "28775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28775"
},
{
"name": "29808",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29808"
},
{
"name": "nero-nmmediaserver-dos(41795)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41795"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1905",
"datePublished": "2008-04-21T23:00:00",
"dateReserved": "2008-04-21T00:00:00",
"dateUpdated": "2024-08-07T08:41:00.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}