5
CVSSv2

CVE-2006-4089

Published: 11/08/2006 Updated: 17/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 506
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and previous versions allow remote malicious users to cause a denial of service (application crash), or have other unknown impact, via (1) a long Location field sent by a web server, which triggers an overflow in the reconnect function in reader/http/http.c; (2) a long URL sent by a web server when AlsaPlayer is seeking a media file for the playlist, which triggers overflows in new_list_item and CbUpdated in interface/gtk/PlaylistWindow.cpp; and (3) a long response sent by a CDDB server, which triggers an overflow in cddb_lookup in input/ccda/cdda_engine.c.

Affected Products

Vendor Product Versions
Andy Lo-a-foeAlsaplayer0.99.76

Vendor Advisories

Luigi Auriemma discovered several buffer overflows in alsaplayer, a PCM player designed for ALSA, that can lead to a crash of the application and maybe worse outcome For the stable distribution (sarge) these problems have been fixed in version 09976-03sarge1 For the unstable distribution (sid) these problems will be fixed soon We recommend th ...

Exploits

source: wwwsecurityfocuscom/bid/19450/info AlsaPlayer is prone to multiple buffer-overflow vulnerabilities because the application fails to check the size of the data before copying it into a finite-sized internal memory buffer An attacker can exploit these issues to execute arbitrary code within the context of the application or cause ...

Github Repositories

LinuxFlaw This repo records all the vulnerabilities of linux software I have reproduced in my local workspace If the vulnerability has both CVE-ID and EDB-ID, CVE-ID is preferred as its directory name All the vulnerable source code packages are stored in source-packages Vmware Workstation Images Image Name username password Ubuntu 810 exploit exploit Ubuntu 1004LTS

LinuxFlaw This repo records all the vulnerabilities of linux software I have reproduced in my local workspace If the vulnerability has both CVE-ID and EDB-ID, CVE-ID is preferred as its directory name All the vulnerable source code packages are stored in source-packages Vmware Workstation Images Image Name username password Ubuntu 810 exploit exploit Ubuntu 1004LTS