2 results (0.009 seconds)

CVSS: 5.1EPSS: 2%CPEs: 5EXPL: 0

Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the http_peek function. Desbordamiento de búfer en playlistimport.cpp en Kaffein Player 0.4.2 a 0.7.1 permite a atacantes con implicación del usuario ejecutar código de su elección mediante peticiones HTTP largas cuando Kaffeine está "obteniendo listas de reproducción remotas", lo que que dispara un desbordamiento de búfer en la función http_peek. • http://secunia.com/advisories/19525 http://secunia.com/advisories/19540 http://secunia.com/advisories/19542 http://secunia.com/advisories/19549 http://secunia.com/advisories/19557 http://secunia.com/advisories/19571 http://securitytracker.com/id?1015863 http://www.debian.org/security/2006/dsa-1023 http://www.gentoo.org/security/en/glsa/glsa-200604-04.xml http://www.kde.org/info/security/advisory-20060404-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2006: •

CVSS: 10.0EPSS: 5%CPEs: 6EXPL: 0

Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028061.html http://secunia.com/advisories/13117 http://security.gentoo.org/glsa/glsa-200411-14.xml http://sourceforge.net/tracker/index.php?func=detail&aid=1060299&group_id=9655&atid=109655 http://www.securityfocus.com/bid/11528 https://exchange.xforce.ibmcloud.com/vulnerabilities/17849 •