Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| wsmp3 | wsmp3_web_server | 0.0.1 |
| wsmp3 | wsmp3_web_server | 0.0.4 |
| wsmp3 | wsmp3_web_server | 0.0.5 |
| wsmp3 | wsmp3_daemon | 0.0.9 |
| wsmp3 | wsmp3_daemon | 0.0.8 |
| wsmp3 | wsmp3_web_server | 0.0.6 |
| wsmp3 | wsmp3_daemon | 0.0.10 |
| wsmp3 | wsmp3_web_server | 0.0.2 |
| wsmp3 | wsmp3_web_server | 0.0.3 |
| wsmp3 | wsmp3_web_server | 0.0.7 |
Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| wsmp3 | wsmp3_daemon | 0.0.9 |
| wsmp3 | wsmp3_daemon | 0.0.8 |
| wsmp3 | wsmp3_daemon | 0.0.10 |
| wsmp3 | wsmp3_web_server | 0.0.7 |