CVE-2006-4197
Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c.
Affected products
n/a · n/a
Public PoCs found: 1
exploitdb: www.exploit-db.com/exploits/28384 (not verified)
⚠ Public resources, for you to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://aluigi.altervista.org/adv/brainzbof-adv.txt
http://secunia.com/advisories/21404
http://secunia.com/advisories/21668
http://secunia.com/advisories/21699
http://secunia.com/advisories/22191
http://secunia.com/advisories/22393
http://secunia.com/advisories/22517
http://secunia.com/advisories/22639
http://security.gentoo.org/glsa/glsa-200610-09.xml
http://securityreason.com/securityalert/1399
http://securitytracker.com/id?1016691
https://exchange.xforce.ibmcloud.com/vulnerabilities/28367