grip -- CDDB response multiple matches buffer overflow vulnerability

ID BCF27002-94C3-11D9-A9E0-0001020EED82
Type freebsd
Reporter FreeBSD
Modified 2005-03-18T00:00:00


Joseph VanAndel reports that grip is vulnerable to a buffer overflow when receiving more than 16 CDDB responses. This could lead to a crash in grip and potentially to the execution of arbitrary code. A workaround is to disable CDDB lookups.
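The class of bug described above comes down to a fixed-size match array filled from a server-controlled number of response lines. The following is an added illustration of the bounded form of such a parser, not grip's code: the struct layout, function names and sample data are hypothetical, and the "category, disc ID, title" line format ended by a lone "." is an assumption about the CDDB multiple-match response.

```c
#include <stdio.h>
#include <string.h>

#define MAX_MATCHES 16 /* fixed capacity; 16 is the limit named in the advisory */
struct match { char categ[32]; char discid[9]; char title[128]; };
struct match_list {
    struct match entries[MAX_MATCHES];
    int count, dropped; /* stored; refused because the array was full */
};
/* Parse "categ discid title" lines up to the lone "." terminator line.
 * Returns the number stored, or -1 if the terminator never arrived. */
int parse_matches(const char *body, struct match_list *out)
{
    out->count = out->dropped = 0;
    while (*body) {
        char line[256];
        struct match m;
        size_t len = strcspn(body, "\r\n");
        size_t n = len < sizeof line - 1 ? len : sizeof line - 1;
        memcpy(line, body, n);
        line[n] = '\0';
        body += len + strspn(body + len, "\r\n");
        if (strcmp(line, ".") == 0) return out->count;
        if (sscanf(line, "%31s %8s %127[^\n]", m.categ, m.discid, m.title) != 3)
            continue; /* malformed line: skip it */
        /* The bound an overflowing parser lacks: the server sets the line count. */
        if (out->count >= MAX_MATCHES) { out->dropped++; continue; }
        out->entries[out->count++] = m;
    }
    return -1;
}

/* Constructed sample: a response body with n match lines plus terminator. */
int build_sample(char *buf, size_t cap, int n)
{
    int used = 0;
    for (int i = 0; i < n && used + 64 < (int)cap; i++)
        used += snprintf(buf + used, cap - used, "rock %08x Title %d\r\n", 0xa0000000u + i, i);
    return used + snprintf(buf + used, cap - used, ".\r\n");
}

int main(void)
{
    static char body[2048];
    struct match_list ml;
    build_sample(body, sizeof body, 20); /* 20 matches offered to 16 slots */
    int stored = parse_matches(body, &ml);
    printf("stored=%d dropped=%d\n", stored, ml.dropped);
    return 0;
}
```

A non-zero `dropped` count is worth logging, since a server returning more matches than the client can hold is exactly the condition the advisory describes.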