Musicmatch Jukebox Unspecified Remote Buffer Overflow Vulnerability
BID:13174
Info
Musicmatch Jukebox Unspecified Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 13174 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 14 2005 12:00AM |
| Updated: | Apr 14 2005 12:00AM |
| Credit: | The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor disclosed this issue. |
| Vulnerable: |
Musicmatch Inc. Musicmatch Jukebox 10.0.2047 Musicmatch Inc. Musicmatch Jukebox 10.0 Musicmatch Inc. Musicmatch Jukebox 9.0.5059 Musicmatch Inc. Musicmatch Jukebox 8.2 Musicmatch Inc. Musicmatch Jukebox 8.1 Musicmatch Inc. Musicmatch Jukebox 8.0 |
| Not Vulnerable: | |
Discussion
Musicmatch Jukebox Unspecified Remote Buffer Overflow Vulnerability
An unspecified remote buffer overflow vulnerability affects Musicmatch Jukebox. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
An unspecified remote buffer overflow vulnerability affects Musicmatch Jukebox. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
Exploit / POC
Musicmatch Jukebox Unspecified Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Musicmatch Jukebox Unspecified Remote Buffer Overflow Vulnerability
Solution:
The vendor has released an upgrade dealing with this issue.
Musicmatch Inc. Musicmatch Jukebox 10.0
Musicmatch Inc. Musicmatch Jukebox 8.0
Musicmatch Inc. Musicmatch Jukebox 8.1
Musicmatch Inc. Musicmatch Jukebox 8.2
Musicmatch Inc. Musicmatch Jukebox 9.0.5059
Solution:
The vendor has released an upgrade dealing with this issue.
Musicmatch Inc. Musicmatch Jukebox 10.0
-
Musicmatch Inc. Musicmatch Jukebox 10.00.2047
http://www.musicmatch.com/download/plus/jukebox_intro.htm?os=pc&mode=i nput&BTD=1&DID=
Musicmatch Inc. Musicmatch Jukebox 8.0
-
Musicmatch Inc. Musicmatch Jukebox 10.00.2047
http://www.musicmatch.com/download/plus/jukebox_intro.htm?os=pc&mode=i nput&BTD=1&DID=
Musicmatch Inc. Musicmatch Jukebox 8.1
-
Musicmatch Inc. Musicmatch Jukebox 10.00.2047
http://www.musicmatch.com/download/plus/jukebox_intro.htm?os=pc&mode=i nput&BTD=1&DID=
Musicmatch Inc. Musicmatch Jukebox 8.2
-
Musicmatch Inc. Musicmatch Jukebox 10.00.2047
http://www.musicmatch.com/download/plus/jukebox_intro.htm?os=pc&mode=i nput&BTD=1&DID=
Musicmatch Inc. Musicmatch Jukebox 9.0.5059
-
Musicmatch Inc. Musicmatch Jukebox 10.00.2047
http://www.musicmatch.com/download/plus/jukebox_intro.htm?os=pc&mode=i nput&BTD=1&DID=
References
Musicmatch Jukebox Unspecified Remote Buffer Overflow Vulnerability
References:
References:
- Musicmatch Home Page (Musicmatch)
- Musicmatch Jukebox Security Updates FAQ (Musicmatch)