Roxio Toast CLI Option Format String

2004-12-17T07:44:50
ID OSVDB:12477
Type osvdb
Reporter fintler(fintler@gmail.com)
Modified 2004-12-17T07:44:50

Description

Vulnerability Description

Toast contains a flaw that may allow a local malicious user to execute arbitrary code. The issue is triggered when a malicious user sends a specially crafted argument using the command line. It is possible that the flaw may allow execution arbitrary code resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Toast contains a flaw that may allow a local malicious user to execute arbitrary code. The issue is triggered when a malicious user sends a specially crafted argument using the command line. It is possible that the flaw may allow execution arbitrary code resulting in a loss of integrity.

References:

Vendor URL: http://www.roxio.com/en/products/toast/index.jhtml Secunia Advisory ID:13476 Mail List Post: http://seclists.org/lists/bugtraq/2004/Dec/0140.html Mail List Post: http://attrition.org/pipermail/vim/2006-September/001034.html Mail List Post: http://attrition.org/pipermail/vim/2006-September/001035.html ISS X-Force ID: 18472 CVE-2004-1398