FL Studio FLP File Processing Heap Overflow Vulnerability

FL Studio is susceptible to a remote heap overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

The unchecked data is read from FLP files, so a crafted file can overflow the destination heap buffer. This allows attackers to control the contents of critical memory control structures and write arbitrary data to arbitrary memory locations.

This issue likely allows attackers to execute arbitrary machine code in the context of the user running the affected application.

This issue is reported in version 5.0.1 of FL Studio. Other versions may also be affected.
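The class of check whose absence is described above, shown as an added example that is not FL Studio code and not taken from the original advisory. The record layout (1-byte id, 4-byte little-endian length, payload), the `DST_CAP` buffer size and the function names are hypothetical and do not describe the real FLP format.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define DST_CAP 64 /* assumed size of the destination heap buffer */

/* Hypothetical record: 1-byte id, 4-byte little-endian length, payload.
 * Returns a heap copy of the payload (caller frees), or NULL if rejected. */
static uint8_t *copy_record(const uint8_t *in, size_t in_len, size_t *out_len)
{
    if (in == NULL || out_len == NULL || in_len < 5)
        return NULL; /* header truncated */

    uint32_t claimed = (uint32_t)in[1] | ((uint32_t)in[2] << 8) |
                       ((uint32_t)in[3] << 16) | ((uint32_t)in[4] << 24);

    /* The length field comes from the file and cannot be trusted: it must
     * not exceed the bytes actually present in the input. */
    if (claimed > in_len - 5)
        return NULL;
    /* It must also fit the destination. Without this check the memcpy
     * below writes past the end of the heap allocation. */
    if (claimed > DST_CAP)
        return NULL;

    uint8_t *dst = malloc(DST_CAP);
    if (dst == NULL)
        return NULL;
    memcpy(dst, in + 5, claimed);
    *out_len = claimed;
    return dst;
}

/* Returns 1 if the record is accepted, 0 if it is rejected. */
static int record_accepted(const uint8_t *in, size_t in_len)
{
    size_t n = 0;
    uint8_t *p = copy_record(in, in_len, &n);
    int ok = (p != NULL);
    free(p);
    return ok;
}

int main(void)
{
    /* Constructed inputs: a 3-byte payload, and a length field of 0xFFFF. */
    const uint8_t good[] = { 0x01, 0x03, 0x00, 0x00, 0x00, 'a', 'b', 'c' };
    const uint8_t bad[]  = { 0x01, 0xFF, 0xFF, 0x00, 0x00, 'a', 'b', 'c' };
    printf("good=%d bad=%d\n", record_accepted(good, sizeof good),
           record_accepted(bad, sizeof bad));
    return 0;
}
```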


Copyright 2010, SecurityFocus