BID:52089

Jeskola Buzz Memory Corruption and Multiple Buffer Overflow Vulnerabilities

Info

Jeskola Buzz Memory Corruption and Multiple Buffer Overflow Vulnerabilities

Bugtraq ID:	52089
Class:	Boundary Condition Error
CVE:
Remote:	Yes
Local:	No
Published:	Feb 20 2012 12:00AM
Updated:	Feb 20 2012 12:00AM
Credit:	Luigi Auriemma
Vulnerable:	Jeskola Buzz Build 1458

Not Vulnerable:

Discussion

Jeskola Buzz Memory Corruption and Multiple Buffer Overflow Vulnerabilities

Jeskola Buzz is prone to a memory-corruption vulnerability and multiple buffer-overflow Vulnerabilities.

An attacker can exploit these issues to run arbitrary code in the context of the vulnerable application. Failed exploits can cause a denial-of-service condition.

Buzz Build 1458 is vulnerable; other versions may also be affected.

Exploit / POC

Jeskola Buzz Memory Corruption and Multiple Buffer Overflow Vulnerabilities

The researcher who discovered the issue has created a proof of concept. Please see the references for more information.

Solution / Fix

Jeskola Buzz Memory Corruption and Multiple Buffer Overflow Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

Jeskola Buzz Memory Corruption and Multiple Buffer Overflow Vulnerabilities

References:

Buzz Home Page (Jeskola)
Buzz Memory Corruption and Multiple Buffer Overflow Vulnerabilities (Luigi Auriemma)