CVE-2009-4201 Information

Description

Multiple stack-based buffer overflows in Mp3 Tag Assistant Professional 2.92 build 300 allow remote attackers to execute arbitrary code via an MP3 file with a long string in the (1) ID3v1 (2) ID3v2 or (3) APEv2 metadata field.

Reference

http://liquidworm.blogspot.com/2009/05/mp3-tag-assistant-pro-292-tag-metadata.html http://osvdb.org/54810 http://secunia.com/advisories/35305 https://exchange.xforce.ibmcloud.com/vulnerabilities/50870