Csound 'main()' Stack Based Buffer Overflow And Integer-overflow Vulnerabilities

Csound is prone to the following vulnerabilities:

1. A stack-based buffer-overflow vulnerability
2. An integer-overflow vulnerability

An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed attacks will cause denial-of-service conditions.

Csound 5.16.6 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus