abcMIDI ABC Music File Handling Overflow

2006-04-26T07:02:37
ID OSVDB:24974
Type osvdb
Reporter Erik Sjölund()
Modified 2006-04-26T07:02:37

Description

Vulnerability Description

A local overflow exists in abcMIDI. The product fails to limit the bytes read by sscanf in drawtune.c and yapstree.c resulting in a buffer overflow. With a specially crafted .ABC file, an attacker can cause the program to crash or possibly execute arbitrary code resulting in a loss of integrity or availability for the program.

Solution Description

Debian users should upgrade to version 17-1woody1 or 20050101-1sarge1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. For other users, currently there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A local overflow exists in abcMIDI. The product fails to limit the bytes read by sscanf in drawtune.c and yapstree.c resulting in a buffer overflow. With a specially crafted .ABC file, an attacker can cause the program to crash or possibly execute arbitrary code resulting in a loss of integrity or availability for the program.

References:

Vendor Specific Advisory URL Secunia Advisory ID:19829 Secunia Advisory ID:19826 CVE-2006-1514