EUVD-2009-0479

Malware in sbrugna...

CVE-2009-0475

Integer underflow in the Huffman decoding functionality pvmp3huffmanparsing.cpp in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service process crash and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption...

Integer overflow

Integer underflow in the Huffman decoding functionality pvmp3huffmanparsing.cpp in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service process crash and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption...

CVE-2009-0475

CVE-2009-0475 describes an integer underflow in the Huffman decoding path (pvmp3_huffman_parsing.cpp) of OpenCORE = 2.0 with that change. Vendor patches were provided by the Android Open Source Project and ocert.org, with references detailing the patch and affected components. Mitigation involves...

CVE-2009-0475

Integer underflow in the Huffman decoding functionality pvmp3huffmanparsing.cpp in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service process crash and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption...

OpenCORE pvmp3_huffman_parsing.cpp MP3文件解析整数下溢漏洞

BUGTRAQ ID: 33673 CVECAN ID: CVE-2009-0475 OpenCORE是开放源码的多媒体解码子系统。 OpenCORE的pvmp3huffmanparsing.cpp文件在Huffman解码期间存在整数下溢，导致在写入到堆分配缓冲区时出现错误的边界检查。如果用户受骗打开了恶意的mp3文件，就可以触发这个溢出，导致播放器崩溃或执行任意代码。 Android Open Source Project OpenCORE = 2.0 厂商补丁： Android Open Source Project ---------------------------...

OpenCore / Android memory corruption

Memory corruption on MP3 parsing...

[oCERT-2009-002] OpenCORE insufficient bounds checking during MP3 decoding

2009-002 OpenCORE insufficient bounds checking during MP3 decoding Description: OpenCORE, an open source multimedia decoding subsystem, suffers from an integer underflow during Huffman decoding resulting in improper bounds checking when writing to a heap allocated buffer. Decoding a specially...