Gentoo Linux Security Advisory GLSA 200903-31 - A vulnerability in libcdaudio might allow for the remote execution of arbitrary code. A heap-based buffer overflow has been reported in the cddb_read_disc_data() function in cddb.c when processing overly long CDDB data. Versions less than 0.99.12-r1 are affected.
a3a8c31aeb59cd4c415c9380463abc1d37339199f86674332465a060c8b51555
Mandriva Linux Security Advisory 2008-233 - A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code. In addition, the fixes for were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0 (this was originally fixed in MDKSA-2005:075). This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this fix already applied. The updated packages have been patched to prevent these issues.
2dce704b30c5057d574019fc7d3911b1a7e1917657a49ce71f95f9a0d9af8dda
Debian Security Advisory 1665-1 -It was discovered that a heap overflow in the CDDB retrieval code of libcdaudio, a library for controlling a CD-ROM when playing audio CDs, may result in the execution of arbitrary code.
48000ae18472111fa6a7d9e130dada59d22317227ed8090c07d8d045de4957d5