CVE-2011-5165
50Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 37%
from disclosure to weapon0 days
Published on NVDSep 15
1st PoCMar 30
metasploitAug 27
exploitation probability
37%top 2% of all CVEs
observed exploitation
nono source reports it
15 public exploit(s)
Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
Affected products
n/a · n/apublic PoCs found — 15
cve_referencewww.exploit-db.com/exploits/36465/unverifiedcve_referencewww.exploit-db.com/exploits/36826/unverifiedcve_referencewww.exploit-db.com/exploits/36827/unverifiedcve_referencewww.exploit-db.com/exploits/11975unverifiedcve_referencewww.exploit-db.com/exploits/11976unverifiedcve_referencewww.exploit-db.com/exploits/17727unverifiedcve_referencewww.exploit-db.com/exploits/18142unverifiedexploitdbwww.exploit-db.com/exploits/11975unverifiedexploitdbwww.exploit-db.com/exploits/18142unverifiedexploitdbwww.exploit-db.com/exploits/17727unverifiedexploitdbwww.exploit-db.com/exploits/36465unverifiedexploitdbwww.exploit-db.com/exploits/12012unverifiedexploitdbwww.exploit-db.com/exploits/11976unverifiedexploitdbwww.exploit-db.com/exploits/36827unverifiedexploitdbwww.exploit-db.com/exploits/36826unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://secunia.com/advisories/39193https://www.exploit-db.com/exploits/36465/https://www.exploit-db.com/exploits/36826/https://www.exploit-db.com/exploits/36827/http://www.exploit-db.com/exploits/11975http://www.exploit-db.com/exploits/11976http://www.exploit-db.com/exploits/17727http://www.exploit-db.com/exploits/18142http://www.osvdb.org/63349http://www.securityfocus.com/bid/39672