Buffer overflow in the http_open function in Kaffeine prior to 0.5, whose code is also used in gxine prior to 0.3.3, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kaffeine kaffeine player 0.4.3b |
||
kaffeine kaffeine player 0.5_rc1 |
||
xine gxine 0.3 |
||
kaffeine kaffeine player 0.4.2 |
||
kaffeine kaffeine player 0.4.3 |
||
gentoo linux |