Published: 30/05/2014 Updated: 29/08/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHome 4.5.8.0 and previous versions allow remote malicious users to cause a denial of service (crash) via a long string in the (1) request line or (2) HTTP Referer header to TCP port 54444, which triggers a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nero mediahome

Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Version(s): 4580 and probably prior Tested Version: 4580 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper Handling of Length Parameter Inconsistency [CWE-130], Improper Handling of Undefined Parameters ...

Nero MediaHome version 4580 suffers from multiple denial of service vulnerabilities due to improper handling issues ...

CWE-189 http://www.exploit-db.com/exploits/24022 http://osvdb.org/89149 http://www.osvdb.org/89150 http://www.securityfocus.com/bid/57253 https://www.htbridge.com/advisory/HTB23130 http://archives.neohapsis.com/archives/bugtraq/2013-01/0037.html https://exchange.xforce.ibmcloud.com/vulnerabilities/81103 https://nvd.nist.gov https://www.exploit-db.com/exploits/24022/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-5876

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect