134 matches found
Stack overflow
Multiple stack-based buffer overflows in stream/streamcddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long 1 album title or 2 category...
CVE-2007-2948
Multiple stack-based buffer overflows in stream/streamcddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long 1 album title or 2 category...
EUVD-2007-2940
Multiple stack-based buffer overflows in stream/streamcddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long 1 album title or 2 category...
CVE-2007-2948
Multiple stack-based buffer overflows in stream/streamcddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long 1 album title or 2 category...
FreeBSD : mplayer -- cddb stack overflow (3ac80dd2-14df-11dc-bcfc-0016179b2dd5)
Mplayer Team reports : A stack overflow was found in the code used to handle cddb queries. When copying the album title and category, no checking was performed on the size of the strings before storing them in a fixed-size array. A malicious entry in the database could trigger a stack overflow in...
mplayer -- cddb stack overflow
Mplayer Team reports: A stack overflow was found in the code used to handle cddb queries. When copying the album title and category, no checking was performed on the size of the strings before storing them in a fixed-size array. A malicious entry in the database could trigger a stack overflow in...
CVE-2007-0443
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters...
CVE-2007-0443
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters...
CVE-2007-0443
The CVE-2007-0443 issue affects GraceNote’s CDDBControl ActiveX Control. The vulnerability is a buffer overflow in the ActiveX proxy-configuration parameters when long strings are supplied, which can allow remote code execution on affected Windows hosts. Exploitation requires the user to visit a ...
GraceNote CDDBControl ActiveX Control Buffer Overflow (CVE-2006-3134; CVE-2006-6442)
A vulnerability has been discovered in America Online AOL CDDB ActiveX Control. Gracenote CDDB ActiveX control contains a buffer overflow error that allows remote attackers to execute arbitrary code via a long option string. A remote attacker could exploit this flaw to execute arbitrary code and...
Update Protection against GraceNote (CDDB) Control ActiveX Vulnerability
The Gracenote CDDB ActiveX control is used by Sony products as well as other vendors for looking up information about CDs in the Gracenote CD Data Base CDDB. Gracenote CDDB ActiveX control contains a buffer overflow error. By convincing a user to visit a malicious Web page or open a malicious HTM...
GLSA-200608-24 : AlsaPlayer: Multiple buffer overflows
The remote host is affected by the vulnerability described in GLSA-200608-24 AlsaPlayer: Multiple buffer overflows AlsaPlayer contains three buffer overflows: in the function that handles the HTTP connections, the GTK interface, and the CDDB querying mechanism. Impact : An attacker could exploit...
CVE-2006-4089
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...
CVE-2006-4089
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...
DEBIAN-CVE-2006-4089
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...
CVE-2006-4089
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...
CVE-2006-4089
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...
Multiple buffer-overflows in AlsaPlayer 0.99.76
Luigi Auriemma Application: AlsaPlayer http://www.alsaplayer.org Versions: = 0.99.76 and current CVS Platforms: nix and others Bugs: A buffer-overflow in reconnect's redirection B buffer-overflow in GTK playlist C buffer-overflow in cddblookup Exploitation: remote and local Date: 09 Aug 2006...
alsaplayer -- multiple vulnerabilities
Luigi Auriemma reports three vulnerabilities within alsaplayer: The function which handles the HTTP connections is vulnerable to a buffer-overflow that happens when it uses sscanf for copying the URL in the Location's field received from the server into the redirect buffer of only 1024 bytes...
GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on systems that have some versions of the GraceNote CDDBControl ActiveX object installed. There is a buffer overflow in an ActiveXObject registered by several products that use the Gracenote CDDB for CD information lookup. The...