libcdaudio -- remote buffer overflow and code execution

ID BD730827-DFE0-11DD-A765-0030843D3802
Type freebsd
Reporter FreeBSD
Modified 2008-11-05T00:00:00


securityfocus reports:

The 'libcdaudio' library is prone to a remote heap code in the context of an application that uses the library. Failed attacks will cause denial-of-service conditions.

A buffer-overflow in Grip occurs when the software processes a response to a CDDB query that has more than 16 matches. To exploit this issue, an attacker must be able to influence the response to a CDDB query, either by controlling a malicious CDDB server or through some other means. Successful exploits will allow arbitrary code to run.