CVE-2006-4197

Related Files

Mandriva Linux Security Advisory 2006.157

Posted Sep 7, 2006

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-157 - Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c.

tags | advisory, remote, web, denial of service, overflow, arbitrary

systems | linux, mandriva

advisories | CVE-2006-4197

SHA-256 | 55505444ee2fc39789478d1ac838af1e9a4db348552f6f4ea5ae9d37ad72f4d2

Download | Favorite | View

Debian Linux Security Advisory 1162-1

Posted Aug 30, 2006

Authored by Debian | Site debian.org

Debian Security Advisory 1162-1 - Luigi Auriemma discovered several buffer overflows in libmusicbrainz, a CD index library, that allow remote attackers to cause a denial of service or execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary

systems | linux, debian

advisories | CVE-2006-4197

SHA-256 | a063054400baef57bfab0cad98eefcd7f7db72132867f0c07d5344abc01e6b14

Download | Favorite | View