Lucene search
UbuntuUSN-739-1HistoryMar 17, 2009 - 12:00 a.m.
Amarok vulnerabilities
2009-03-1700:00:00
ubuntu.com
40
7 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.118 Low
EPSS
Percentile
95.3%
Releases
- Ubuntu 8.10
- Ubuntu 8.04
- Ubuntu 7.10
Packages
- amarok -
Details
It was discovered that Amarok did not correctly handle certain malformed
tags in Audible Audio (.aa) files. If a user were tricked into opening a
crafted Audible Audio file, an attacker could execute arbitrary code with
the privileges of the user invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.10 | noarch | amarok | < 2:1.4.10-0ubuntu3.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | amarok-dbg | < 2:1.4.10-0ubuntu3.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | amarok-engine-xine | < 2:1.4.10-0ubuntu3.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | amarok-engine-yauap | < 2:1.4.10-0ubuntu3.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | amarok | < 2:1.4.9.1-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 8.04 | noarch | amarok-engines | < 2:1.4.9.1-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 8.04 | noarch | amarok-xine | < 2:1.4.9.1-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 7.10 | noarch | amarok | < 2:1.4.7-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 7.10 | noarch | amarok-engines | < 2:1.4.7-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 7.10 | noarch | amarok-xine | < 2:1.4.7-0ubuntu3.2 | UNKNOWN |
Related
nessus
nessus
SuSE 10 Security Update : amarok (ZYPP Patch Number 5931)
2011-01-27 00:00:00
Ubuntu 7.10 / 8.04 LTS / 8.10 : amarok vulnerabilities (USN-739-1)
2009-04-23 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:030 (amarok)
2009-02-02 00:00:00
Debian: Security Advisory (DSA-1706-1)
2009-01-20 00:00:00
FreeBSD Ports: amarok
2009-03-31 00:00:00
freebsd
freebsd
amarok -- multiple vulnerabilities
2009-01-12 00:00:00
gentoo
gentoo
Amarok: User-assisted execution of arbitrary code
2009-03-20 00:00:00
cve
cve
CVE-2009-0135
2009-01-16 18:30:00
CVE-2009-0136
2009-01-16 18:30:00
debiancve
debiancve
CVE-2009-0135
2009-01-16 18:30:00
CVE-2009-0136
2009-01-16 18:30:00
prion
prion
Integer overflow
2009-01-16 18:30:00
Design/Logic Flaw
2009-01-16 18:30:00
ubuntucve
ubuntucve
CVE-2009-0135
2009-01-16 00:00:00
CVE-2009-0136
2009-01-16 00:00:00
redhatcve
redhatcve
CVE-2009-0135
2019-10-04 21:05:45
CVE-2009-0136
2019-10-04 21:05:51
7 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.118 Low
EPSS
Percentile
95.3%
Related for USN-739-1