STLPort Library Multiple Buffer Overflow Vulnerabilities
BID:16928
Info
STLPort Library Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 16928 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Mar 02 2006 12:00AM |
| Updated: | Mar 08 2006 06:40AM |
| Credit: | The vendor disclosed these issues. |
| Vulnerable: |
STLport STLport 5.0.1 STLport STLport 5.0 |
| Not Vulnerable: |
STLport STLport 5.0.2 |
Discussion
STLPort Library Multiple Buffer Overflow Vulnerabilities
The STLport library is susceptible to multiple buffer-overflow vulnerabilities. These issues are due to the library's failure to properly bound-check user-supplied input before copying it to insufficiently sized memory buffers.
These issues may allow attackers to execute arbitrary machine code in the context of applications that use the library. Depending on the nature of the applications using the library, these issues may be locally or remotely exploited. Failed exploit attempts may crash the affected applications.
STLport versions prior to 5.0.2 are affected by these issues.
The STLport library is susceptible to multiple buffer-overflow vulnerabilities. These issues are due to the library's failure to properly bound-check user-supplied input before copying it to insufficiently sized memory buffers.
These issues may allow attackers to execute arbitrary machine code in the context of applications that use the library. Depending on the nature of the applications using the library, these issues may be locally or remotely exploited. Failed exploit attempts may crash the affected applications.
STLport versions prior to 5.0.2 are affected by these issues.
Exploit / POC
STLPort Library Multiple Buffer Overflow Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
STLPort Library Multiple Buffer Overflow Vulnerabilities
Solution:
The vendor has released STLport version 5.0.2 to address these issues.
STLport STLport 5.0
STLport STLport 5.0.1
Solution:
The vendor has released STLport version 5.0.2 to address these issues.
STLport STLport 5.0
-
STLport STLport-5.0.2.tar.bz2
http://prdownloads.sourceforge.net/stlport/STLport-5.0.2.tar.bz2?downl oad
STLport STLport 5.0.1
-
STLport STLport-5.0.2.tar.bz2
http://prdownloads.sourceforge.net/stlport/STLport-5.0.2.tar.bz2?downl oad
References
STLPort Library Multiple Buffer Overflow Vulnerabilities
References:
References:
- Release Name: STLport 5.0.2 (STLport)
- STLport Home Page (STLport)