Computer Security
[EN] securityvulns.ru no-pyccku


OpenCore / Android memory corruption
Published:10.02.2009
Source:
SecurityVulns ID:9664
Type:library
Threat Level:
5/10
Description:Memory corruption on MP3 parsing.
Affected:OPENCORE : OpenCore 2.0
CVE:CVE-2009-0475 (Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption.)
Original documentdocumentWill Drewry, [oCERT-2009-002] OpenCORE insufficient bounds checking during MP3 decoding (10.02.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod