All To All Audio Converter '.ogg' File Stack Buffer Overflow Vulnerability
BID:39823
Info
All To All Audio Converter '.ogg' File Stack Buffer Overflow Vulnerability
| Bugtraq ID: | 39823 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 30 2010 12:00AM |
| Updated: | Mar 30 2010 12:00AM |
| Credit: | ItSecTeam |
| Vulnerable: |
AtoA Software All to All Audio Convertor 2.0 |
| Not Vulnerable: | |
Discussion
All To All Audio Converter '.ogg' File Stack Buffer Overflow Vulnerability
All To All Audio Converter is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
All To All Audio Converter 2.0 is vulnerable; other versions may also be affected.
All To All Audio Converter is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
All To All Audio Converter 2.0 is vulnerable; other versions may also be affected.
Exploit / POC
All To All Audio Converter '.ogg' File Stack Buffer Overflow Vulnerability
The following proof of concept is available:
The following proof of concept is available:
Solution / Fix
All To All Audio Converter '.ogg' File Stack Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected].
References
All To All Audio Converter '.ogg' File Stack Buffer Overflow Vulnerability
References:
References:
- All To All Audio Converter Homepage (AtoA Software)