25 matches found
EUVD-2015-2117
Malware in sbrugna...
GraceNote GNSDK SDK for Android Arbitrary Code Execution Vulnerability
GraceNote GNSDK SDK for Android is a software development kit for building music applications based on the Android platform that recognizes CDs, digital music files, streaming audio, and more. A security vulnerability exists in versions of GraceNote GNSDK SDK for Android prior to 1.1.7. An attack...
CVE-2015-2004
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2004
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2004
The GraceNote GNSDK SDK for Android is affected (before SVN Changeset 1.1.7). A root cause in the Serializable class’s finalize method improperly passes an attacker-controlled pointer to a native function, enabling arbitrary code execution on vulnerable versions. Affected product: GraceNote GNSDK...
Gracenote CDDBControl ActiveX Control 'ViewProfile' Method Heap Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37834/info Gracenote CDDBControl is prone to a stack-based buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input. An attacker can exploit this issue to execute...
Gracenote CDDBControl - ActiveX Control 'ViewProfile' Method Heap Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/37834/info Gracenote CDDBControl is prone to a stack-based buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of th...
Gracenote CDDBControl - ActiveX Control ViewProfile Method Heap Buffer Overflow (PoC)
Gracenote CDDBControl - ActiveX Control ViewProfile Method Heap Buffer Overflow PoC source: https://www.securityfocus.com/bid/37834/info Gracenote CDDBControl is prone to a stack-based buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied inpu...
CVE-2007-0443
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters...
Buffer overflow
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters...
CVE-2007-0443
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters...
CVE-2007-0443
The CVE-2007-0443 issue affects GraceNote’s CDDBControl ActiveX Control. The vulnerability is a buffer overflow in the ActiveX proxy-configuration parameters when long strings are supplied, which can allow remote code execution on affected Windows hosts. Exploitation requires the user to visit a ...
Gracenote CDDBControl ActiveX Proxy Configuration Parameters Multiple Overflows
The Windows remote host contains the Gracenote CDDBControl ActiveX control, which is used by various products, including AOL's software, to lookup CD information in the Gracenote CDDB and is commonly marked as safe for scripting. The version of this ActiveX control on the remote host reportedly...
GraceNote CDDBControl ActiveX buffer overflow
Buffer overflow on oversized proxy configuration paramters...
ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability
ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-021.html April 19, 2007 -- CVE ID: CVE-2007-0443 -- Affected Vendor: GraceNote -- Affected Products: CDDBControl ActiveX Control -- TippingPointTM IPS Customer Protection:...
GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of GraceNote's CDDBControl ActiveX Control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to a buffer overflow in an...
GraceNote CDDBControl ActiveX Control Buffer Overflow (CVE-2006-3134; CVE-2006-6442)
A vulnerability has been discovered in America Online AOL CDDB ActiveX Control. Gracenote CDDB ActiveX control contains a buffer overflow error that allows remote attackers to execute arbitrary code via a long option string. A remote attacker could exploit this flaw to execute arbitrary code and...
Update Protection against GraceNote (CDDB) Control ActiveX Vulnerability
The Gracenote CDDB ActiveX control is used by Sony products as well as other vendors for looking up information about CDs in the Gracenote CD Data Base CDDB. Gracenote CDDB ActiveX control contains a buffer overflow error. By convincing a user to visit a malicious Web page or open a malicious HTM...
Gracenote CDDBControl ActiveX Control Option String Overflow
The Windows remote host contains the Gracenote CDDBControl ActiveX control, which is used by various products, including AOL's software, to lookup CD information in the Gracenote CDDB and is commonly marked as safe for scripting. The version of this ActiveX control on the remote host reportedly...