Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 up to and including 0.7.1 allows user-assisted malicious users to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the http_peek function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kaffeine kaffeine player 0.4.2 |
||
kaffeine kaffeine player 0.4.3 |
||
kaffeine kaffeine player 0.4.3b |
||
kaffeine kaffeine player 0.5_rc1 |
||
kaffeine kaffeine player 0.7.1 |