CVE-2018-0690

Published: Nov 15, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.6 / Impact: 5.9

Source: NVD

Description

An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files.

Affected (1)

Products: Sony: Music Center For Pc

Sony

1 product

Music Center For Pc

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sony Music Center For Pc	Up to 1.0.02

References (4)

http://jvn.jp/en/jp/JVN36623716/index.html

Source: vultures@jpcert.or.jp

Third Party Advisory

https://musiccenter.sony.net/en/downloads/update.php

Source: vultures@jpcert.or.jp

Vendor Advisory

http://jvn.jp/en/jp/JVN36623716/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://musiccenter.sony.net/en/downloads/update.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.