← back
CVE-2009-0182

CVE-2009-0182

EPSS 48.4%
Vexday Risk Score
50Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 48.4%KEV nãoPoC públicaNuclei Metasploit simPatch
Lifecycle
20 Jan 2009Published on NVD
18 Aug 2009Metasploit module available
01 May 2021Public PoC
Weaponization speed
4484 daysto first PoC
209 daysto Metasploit module
Recommendation: Plan a near-term fix — a public PoC already exists.
Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.