[Kaffeine Security Advisory] Heap based buffer overflow in http_peek() Apr 05 2006 12:46AM
Dirk Mueller (mueller kde org)

Kaffeine buffer overflow in http_peek()
Original Release Date: 2006-04-04
URL: http://www.kde.org/info/security/advisory-20060404-1.txt

0. References

1. Systems affected:

Kaffeine 0.4.2 up to including Kaffeine 0.7.1. Kaffeine
0.8.0 not affected.

2. Overview:

Kaffeine can produce a buffer overflow in http_peek() while
creating HTTP request headers for fetching remote playlists,
which under certain circumstances could be used to crash the
application and/or execute arbitrary code.

3. Impact:

Remotely supplied playlists can be used to execute arbitrary
code on the local machine.

4. Solution:

Source code patches have been made available which fix these
vulnerabilities. Contact your OS vendor / binary package provider
for information about how to obtain updated binary packages.

5. Patch:

Patch for Kaffeine 0.7.x is available from
ftp://ftp.kde.org/pub/kde/security_patches :

45cdf59fc1d9d94b045915e9583187d8 kaffeine-0.7.x-CVE-2006-0051.patch

Patch for Kaffeine 0.5.x is available from
ftp://ftp.kde.org/pub/kde/security_patches :

86109b6919cc2984f85dc6a463627c50 kaffeine-0.5.x-CVE-2006-0051.patch

Patch for Kaffeine 0.4.x is available from
ftp://ftp.kde.org/pub/kde/security_patches :

feb69d70388b0a4745b29a644a3f7779 kaffeine-0.4.x-CVE-2006-0051.patch

6. Credits:

We'd like to thank Marcus Meissner for discovering and reporting
the issue.

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus