CDP 0.33/0.4 - Console CD Player PrintTOC Function Buffer Overflow

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1054429 漏洞类型
发布时间 2004-03-31 更新时间 2004-03-31
漏洞平台 Hardware CVSS评分 N/A

It has been reported that cdp may be prone to a buffer overflow vulnerability that may allow an attacker to cause a denial of service condition in the software. The issue exists due to insufficient boundary checks performed by the printTOC() function. The buffer overflow condition may occur if when a song with a track name exceeding 200 bytes is accessed via the application.

If an attacker is able to overwrite sensitive memory locations, it may be possible to execute arbitrary instructions in the context of the user running cdp.

All versions of cdp are assumed to be vulnerable to this issue.