CVE-2006-3600 Information
Description
Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBE_ReleaseGetDate) (2) data or (3) error strings.
Reference
http://bugs.musicbrainz.org/ticket/1764 http://secunia.com/advisories/21026 http://secunia.com/advisories/21027 http://secunia.com/advisories/21106 http://secunia.com/advisories/21277 http://secunia.com/advisories/21323 http://security.gentoo.org/glsa/glsa-200607-11.xml http://securitytracker.com/id?1016539 http://www.debian.org/security/2006/dsa-1135 http://www.mandriva.com/security/advisories?name=MDKSA-2006:126 http://www.osvdb.org/27094 http://www.securityfocus.com/bid/18961 http://www.ubuntu.com/usn/usn-318-1 http://www.vupen.com/english/advisories/2006/2785 https://exchange.xforce.ibmcloud.com/vulnerabilities/27728
Share on: