CVE-2005-4648 Information

Description

Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earlier possibly including (1) MusicConverter.exe (2) playlist.exe and (3) amp.exe allows user-assisted attackers to cause a denial of service or execute arbitrary code via a .m3u playlist with a long entry possibly involving large field names as demonstrated by SecuBox.Labs.m3u. NOTE: this issue might be the same as the .m3u vulnerability in CVE-2004-1569 but if so then CD:SF-LOC suggests creating a different identifier since the .m3u issue would affect different versions than the .pls issue.

Reference

http://secubox.shadock.net/dBpowerAMP_Music_Converter_v11.5_Local_Buffer_Overflow_Issue.html http://securitytracker.com/id?1015415