Songbird Media Player Denial of Service Vulnerability
BID:21343
Info
Songbird Media Player Denial of Service Vulnerability
| Bugtraq ID: | 21343 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 29 2006 12:00AM |
| Updated: | Nov 30 2006 03:09AM |
| Credit: | Greg Linares is credited with the discovery of this vulnerability. |
| Vulnerable: |
Songbird Songbird Media Player 0.2 |
| Not Vulnerable: | |
Discussion
Songbird Media Player Denial of Service Vulnerability
Songbird Media Player is prone to a denial-of-service vulnerability.
An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. Remote code execution may also possible.
Songbird Media Player 0.2 and prior versions are vulnerable.
Songbird Media Player is prone to a denial-of-service vulnerability.
An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. Remote code execution may also possible.
Songbird Media Player 0.2 and prior versions are vulnerable.
Exploit / POC
Songbird Media Player Denial of Service Vulnerability
A sample exploit has been provided:
A sample exploit has been provided:
Solution / Fix
Songbird Media Player Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
Songbird Media Player Denial of Service Vulnerability
References:
References:
- Songbird Media Player Web Site (Songbird)