What is CVE-2011-5171?

CVE-2011-5171 is a vulnerability in Cyberlink Power2go, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-09-15.

Is CVE-2011-5171 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Cyberlink Power2go

CVE-2011-5171

Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow remote attackers to execute arbitrary code via the (1) src and (2) name parameters in a p2g project file.

Vulnerability class: Buffer Overflow

EPSS: 0.692 (98.7th percentile) — read the EPSS interpretation.

Affected products

Cyberlink Power2go — versions 7.0, 8.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

18220 (Exploit, exploit, x_refsource_EXPLOIT-DB)
power2go-p2g-bo(71723) (vdb-entry, x_refsource_XF)
77600 (x_refsource_OSVDB, vdb-entry)
VU#158003 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
47145 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2011-5171?: CVE-2011-5171 is a vulnerability in Cyberlink Power2go, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-09-15.
Is CVE-2011-5171 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.