CVE-2017-17932

Published: Dic 28, 2017 Last Modified: Apr 20, 2025

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,8

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

HIGH 10,0

Source: [email protected]

Access Vector: network

Access Complexity: low

Authentication: none

Confidentiality: complete

Integrity: complete

Availability: complete

Description

AI Translation Available

A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,7739

Percentile

1,0th

Updated

EPSS Score Trend (Last 91 Days)

119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Stable

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality Availability

Potential Impacts:

Execute Unauthorized Code Or Commands Modify Memory Read Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory)

Applicable Platforms

Languages: Assembly, C, C++, Memory-Unsafe

Likelihood of Exploit: High

View CWE Details

Exploit

ALLMediaServer 0.95 - Buffer Overflow (PoC)

Author: Aloyce J. Makalanga Published:

View Exploit Code →

Exploit

ALLMediaServer 0.95 - Remote Buffer Overflow (Metasploit)

Author: Anurag Srivastava Published:

View Exploit Code →

Exploit

ALLMediaServer 0.95 - Remote Buffer Overflow

Author: Mario Kartone Ciccarelli Published:

View Exploit Code →

Application

Allmediaserver by Allmediaserver

Product Information

Vendor Allmediaserver

Product Allmediaserver

Version Range Affected

To 0.95 (inclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:allmediaserver:allmediaserver:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.exploit-db.com/exploits/43406/