Jump to content

Advisories (MDKSA-2006:065 ): kaffeine


aru
 Share

Recommended Posts

Mandriva Advisories MDKSA-2006:065 : kaffeine

 

Updated kaffeine packages fix remote buffer overflow vulnerability

April 5th, 2006

 

Marcus Meissner discovered Kaffeine contains an unchecked buffer while creating HTTP request headers for fetching remote RAM playlists, which allows overflowing a heap allocated buffer. As a result, remotely supplied RAM playlists can be used to execute arbitrary code on the client machine. Updated packages have been patched to correct this issue.

 

 

The released versions of Mandriva GNU/Linux affected are:

  • 2006.0

Full information about this advisory, including the updated packages, is available at:

wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:065

 

Other references:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0051

 

Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)

Link to comment
Share on other sites

 Share

×
×
  • Create New...