aru Posted April 5, 2006 Report Share Posted April 5, 2006 Mandriva Advisories MDKSA-2006:065 : kaffeine Updated kaffeine packages fix remote buffer overflow vulnerability April 5th, 2006 Marcus Meissner discovered Kaffeine contains an unchecked buffer while creating HTTP request headers for fetching remote RAM playlists, which allows overflowing a heap allocated buffer. As a result, remotely supplied RAM playlists can be used to execute arbitrary code on the client machine. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: 2006.0Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:065 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0051 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts