MidnightBSD

Advisories for illustrate

CVE-2004-1569 MEDIUM

Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
illustrate dbpoweramp_music_converter 10.0
illustrate dbpoweramp_audio_player 2.0
CVE-2005-4648 MEDIUM

Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earlier, possibly including (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe, allows user-assisted attackers to cause a denial of service or execute arbitrary code via a .m3u playlist with a long entry, possibly involving large field names, as demonstrated by SecuBox.Labs.m3u. NOTE: this issue might be the same as the .m3u vulnerability in CVE-2004-1569, but if so, then CD:SF-LOC suggests creating a different identifier since the .m3u issue would affect different versions than the .pls issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
illustrate dbpoweramp_music_converter *