libtunepimp Tag Parser Multiple Overflows

2006-07-13T09:04:00
ID OSVDB:27094
Type osvdb
Reporter Fleisch(urs_fleisch@yahoo.de), Kevin Kofler(kevin.kofler@chello.at)
Modified 2006-07-13T09:04:00

Description

Vulnerability Description

libtunepimp contains several flaws that may allow a malicious user to realize a stack based buffer overflow and to issue arbitrary commands on the compromised system. The issue is triggered when handling specially crafted tagged media files (.ogg, .mp3) with software using libtunepimp library.

Technical Description

This includes the KDE applications 'amarok' and 'juk'.

Solution Description

Upgrade to version 0.4.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

libtunepimp contains several flaws that may allow a malicious user to realize a stack based buffer overflow and to issue arbitrary commands on the compromised system. The issue is triggered when handling specially crafted tagged media files (.ogg, .mp3) with software using libtunepimp library.

References:

Vendor URL: http://musicbrainz.org/products/tunepimp/index.html Vendor Specific News/Changelog Entry: http://bugs.gentoo.org/show_bug.cgi?id=140184 Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1016539 Secunia Advisory ID:21027 Secunia Advisory ID:21277 Secunia Advisory ID:21026 Secunia Advisory ID:21106 Secunia Advisory ID:21323 Other Advisory URL: http://bugs.musicbrainz.org/ticket/1563 Other Advisory URL: http://www.us.debian.org/security/2006/dsa-1135 Other Advisory URL: http://bugs.musicbrainz.org/ticket/1764 Keyword: DSA-1135 GLSA-200607-11 MDKSA-2006:126 USN-318-1

ISS X-Force ID: 27728 Generic Informational URL: http://bugs.musicbrainz.org/changeset/7935 FrSIRT Advisory: ADV-2006-2785 CVE-2006-3600 Bugtraq ID: 18961