17 matches found
SuSE 10 Security Update : amarok (ZYPP Patch Number 5931)
This update of amarok fixes several integer overflows and unchecked memory allocations that can be exploited by malformed Audible digital audio files. These bugs could be used in a user-assisted attack scenario to execute arbitrary code remotely. CVE-2009-0135 / CVE-2009-0136 %NASLMINLEVEL 70300 ...
Mandriva Security Advisory MDVSA-2009:030-1 (amarok)
The remote host is missing an update to amarok announced via advisory MDVSA-2009:030-1. OpenVAS Vulnerability Test $Id: mdksa20090301.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:030-1 amarok Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...
openSUSE Security Update : amarok (amarok-436)
This update of amarok fixes several integer overflows and unchecked memory allocations that can be exploited by malformed Audible digital audio files. These bugs could be used in a user-assisted attack scenario to execute arbitrary code remotely. CVE-2009-0135, CVE-2009-0136 %NASLMINLEVEL 70300 C...
openSUSE Security Update : amarok (amarok-436)
This update of amarok fixes several integer overflows and unchecked memory allocations that can be exploited by malformed Audible digital audio files. These bugs could be used in a user-assisted attack scenario to execute arbitrary code remotely. CVE-2009-0135, CVE-2009-0136 %NASLMINLEVEL 70300 C...
FreeBSD Ports: amarok
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
GLSA-200903-34 : Amarok: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200903-34 Amarok: User-assisted execution of arbitrary code Tobias Klein has discovered multiple vulnerabilities in Amarok: Multiple integer overflows in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp trigge...
Ubuntu USN-739-1 (amarok)
The remote host is missing an update to amarok announced via advisory USN-739-1. OpenVAS Vulnerability Test $Id: ubuntu7391.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7391.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-739-1 amarok Authors: Thomas Rein...
Ubuntu USN-737-1 (libsoup)
The remote host is missing an update to libsoup announced via advisory USN-737-1. OpenVAS Vulnerability Test $Id: ubuntu7371.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7371.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-737-1 libsoup Authors: Thomas...
Mandrake Security Advisory MDVSA-2009:030 (amarok)
The remote host is missing an update to amarok announced via advisory MDVSA-2009:030. OpenVAS Vulnerability Test $Id: mdksa2009030.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:030 amarok Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...
openSUSE 10 Security Update : amarok (amarok-5932)
This update of amarok fixes several integer overflows and unchecked memory allocations that can be exploited by malformed Audible digital audio files. These bugs could be used in a user-assisted attack scenario to execute arbitrary code remotely. CVE-2009-0135, CVE-2009-0136 %NASLMINLEVEL 70300 C...
Fedora Core 9 FEDORA-2009-0715 (amarok)
The remote host is missing an update to amarok announced via advisory FEDORA-2009-0715. OpenVAS Vulnerability Test $Id: fcore20090715.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-0715 amarok Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...
Fedora Core 9 FEDORA-2009-0715 (amarok)
The remote host is missing an update to amarok announced via advisory FEDORA-2009-0715. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Debian Security Advisory DSA 1706-1 (amarok)
The remote host is missing an update to amarok announced via advisory DSA 1706-1. OpenVAS Vulnerability Test $Id: deb17061.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1706-1 amarok Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
CVE-2009-0136
Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to cause a denial of service application crash or execute arbitrary code via an Audible Audio .aa file with a crafted 1 nlen or 2 vlen Tag...
CVE-2009-0136
Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to cause a denial of service application crash or execute arbitrary code via an Audible Audio .aa file with a crafted 1 nlen or 2 vlen Tag...
CVE-2009-0136
The CVE-2009-0136 issue affects Amarok 1.4.10–2.0.1 through an insecure parsing path in Audible Audio (.aa) files. Specifically, multiple array index errors in Audible::Tag::readTag (metadata/audible/audibletag.cpp) can lead to an invalid pointer dereference or writing a 0x00 byte, after an alloc...
Debian DSA-1706-1 : amarok - integer overflows
Tobias Klein discovered that integer overflows in the code the Amarok media player uses to parse Audible files may lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securi...