Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service (application crash), or have other unknown impact, via (1) a long Location field sent by a web server, which triggers an overflow in the reconnect function in reader/http/http.c; (2) a long URL sent by a web server when AlsaPlayer is seeking a media file for the playlist, which triggers overflows in new_list_item and CbUpdated in interface/gtk/PlaylistWindow.cpp; and (3) a long response sent by a CDDB server, which triggers an overflow in cddb_lookup in input/ccda/cdda_engine.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AlsaPlayer多个缓冲区溢出漏洞
Vulnerability Description
Andy Lo-A-Foe AlsaPlayer 0.99.76及早期版本存在多个缓冲区溢出漏洞,远程攻击者可借助以下向量触发拒绝服务攻击(应用程序崩溃),也可能存在未知影响:(1) 网络服务器发送的一个超长Location字段,会在reader/http/http.c程序的reconnect函数中引发溢出错误;(2) 在AlsaPlayer寻找播放列表的媒体文件时,一个网络服务器发送的超长URL,会在interface/gtk/PlaylistWindow.cpp程序的new_list_item函数和C
CVSS Information
N/A
Vulnerability Type
N/A