Computer Security

AlsaPlayer buffer overflow

back  news / advisories / software / search /  forward
[EN] securityvulns.ru no-pyccku


AlsaPlayer buffer overflow
Published:10.04.2008
Source:
SecurityVulns ID:8888
Type:client
Threat Level:
5/10
Description:Buffer overflow on oversized .ogg comment.
CVE:CVE-2007-5301 (Buffer overflow in the vorbis_stream_info function in input/vorbis/vorbis_engine.c (aka the vorbis input plugin) in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments.)
Original documentdocumentAlbert Sellarès, [CVE-2007-5301] alsaplayer PoC - exploit (10.04.2008)
Files:Exploit for alsaplayer before 0.99.80-rc3
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod